ene.mene.muh | 13.03.2013 15:01 | Hallo Leo!
Die Funde von MBAM hatte ich schon löschen lassen, allerdings habe ich das Log blöderweise vorher abgespeichert. :balla:
Hier noch einmal der MBAM Bericht:
mbam-log-2013-03-13 (13-51-15).txt Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.13.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]
13.03.2013 13:51:15
mbam-log-2013-03-13 (13-51-15).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 414294
Time elapsed: 18 minute(s), 51 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Farbars Service Scanner:
FSS.txt Code:
Farbar Service Scanner Version: 03-03-2013
Ran by User (administrator) on 13-03-2013 at 14:19:04
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Yahoo.com is offline
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log **** Und OTL hat mir folgendes ausgegeben:
OTL.txt Code:
OTL logfile created on: 13.03.2013 14:20:50 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 70,48% Memory free
15,82 Gb Paging File | 13,49 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 4,65 Gb Free Space | 8,33% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 844,61 Gb Free Space | 90,67% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.11 13:33:08 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.11 13:28:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2013.01.15 18:47:12 | 000,491,840 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
PRC - [2013.01.15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.07 16:17:53 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.09.05 12:18:32 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
PRC - [2011.04.14 10:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011.03.21 10:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011.02.22 11:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 11:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.11.05 22:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.04.27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
PRC - [2007.12.19 10:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2007.11.20 15:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.11 13:32:56 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.02.15 13:54:53 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.15 13:54:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
MOD - [2013.01.15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
MOD - [2013.01.15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
MOD - [2013.01.12 08:58:58 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll
MOD - [2013.01.12 08:58:58 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll
MOD - [2013.01.10 15:51:15 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 15:50:56 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 15:50:48 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 15:50:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 15:50:42 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 15:50:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 15:50:39 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.04.14 10:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
MOD - [2011.04.12 08:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011.03.21 10:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
========== Services (SafeList) ==========
SRV - [2013.03.11 13:33:08 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.25 07:39:32 | 000,543,144 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.01.15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.07 16:17:53 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.16 11:56:57 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2011.11.28 13:21:00 | 000,168,864 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011.03.01 15:43:52 | 000,076,448 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.02.22 11:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 11:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.12.30 13:33:31 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012.12.19 22:29:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.12.19 22:29:05 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.12.19 22:29:05 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.17 13:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.12.16 13:36:23 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2011.11.28 13:20:48 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2011.11.28 13:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011.09.05 12:18:32 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2011.04.10 04:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 15:44:08 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.01 15:44:06 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.01 15:44:06 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.01 15:44:06 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.01 15:44:06 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.01 15:44:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.01 15:44:06 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.01 15:44:04 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.02.16 10:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.02.09 16:45:12 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bulkrazer_x64.sys -- (bulkadi)
DRV:64bit: - [2011.02.08 06:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.02.08 06:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.30 23:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.27 03:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.04.27 03:25:20 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010.04.27 03:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010.04.27 03:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.03.23 15:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.11.28 14:34:56 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E9 D1 75 32 07 E5 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKCU\..\SearchScopes\{FFA1E941-373C-4B15-A45B-4C4A0835C30B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de"
FF - prefs.js..extensions.enabledAddons: groovesharkUnlocker%40overlord1337:1.3.2
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.11 13:33:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.11 13:33:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.09.06 16:11:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013.03.05 12:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\igclhn7f.default\extensions
[2013.03.05 12:21:46 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\igclhn7f.default\extensions\ich@maltegoetz.de
[2013.03.05 10:50:47 | 000,029,064 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\igclhn7f.default\extensions\groovesharkUnlocker@overlord1337.xpi
[2013.02.28 10:11:20 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\igclhn7f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.12 20:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.11 13:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013.03.11 13:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\staged
[2013.03.11 13:33:08 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.04 17:51:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.21 20:11:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.04 17:51:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.04 17:51:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.04 17:51:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.04 17:51:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013.03.12 18:52:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Steam] D:\Programme\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78801749-ED50-471B-9B87-0FC0D1E59171}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.13 14:02:05 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\logs 13.03.2013 new
[2013.03.13 13:43:18 | 000,354,265 | ---- | C] (Farbar) -- C:\Users\User\Desktop\FSS.exe
[2013.03.12 22:10:49 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.12 22:10:47 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.12 22:10:47 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.12 22:10:47 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.12 22:09:40 | 031,521,184 | ---- | C] (Oracle Corporation) -- C:\Users\User\Desktop\jre-7u17-windows-i586.exe
[2013.03.12 22:05:28 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.12 22:05:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.12 22:05:26 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.12 22:05:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.12 22:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.12 22:04:00 | 033,003,424 | ---- | C] (Oracle Corporation) -- C:\Users\User\Desktop\jre-7u17-windows-x64.exe
[2013.03.12 20:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.03.12 20:27:41 | 002,347,384 | ---- | C] (ESET) -- C:\Users\User\Desktop\esetsmartinstaller_enu.exe
[2013.03.12 20:18:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.03.12 18:53:40 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.12 18:48:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.12 18:48:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.12 18:48:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.12 18:48:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.12 18:48:40 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.12 18:44:42 | 005,037,889 | R--- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2013.03.11 15:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.03.11 15:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.03.11 13:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.11 13:28:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.03.11 13:27:41 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Tools
[2013.03.06 13:27:48 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\sec logs
[2013.03.06 11:49:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2013.03.05 14:26:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2013.03.05 14:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
[2013.03.05 13:34:10 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\sec
[2013.03.05 12:27:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.03.05 12:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.03.05 12:04:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.03.05 11:57:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2013.03.05 11:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2013.03.01 14:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.01 14:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.01 14:18:12 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.01 14:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.01 14:05:18 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2013.03.01 13:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.03.01 13:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
[2013.03.01 13:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013.02.28 12:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.02.27 20:26:15 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.27 20:26:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.27 20:26:15 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.27 20:26:14 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.27 20:26:13 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.27 20:26:13 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.27 20:26:12 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.27 20:26:12 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.27 20:26:12 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 20:26:12 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.27 20:26:12 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 20:26:12 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.27 20:26:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 20:26:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.27 20:26:12 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 20:26:12 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.27 20:26:11 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.27 20:26:11 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.27 20:26:11 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.27 20:26:11 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.27 20:26:11 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.27 20:26:11 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.27 20:26:11 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.27 20:26:11 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.27 20:26:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.27 20:26:11 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.27 20:26:11 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.27 20:26:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 20:26:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.27 20:26:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 20:26:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.27 20:26:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 20:26:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.27 20:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 20:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.27 20:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 20:26:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.27 20:26:10 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.27 20:26:10 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.27 20:26:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 20:26:10 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.14 19:03:00 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 19:03:00 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 19:02:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 19:02:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 19:02:59 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 19:02:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 19:02:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 19:02:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 19:02:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 19:02:58 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 19:02:58 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 19:02:58 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 19:02:57 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 19:02:57 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 19:02:57 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 14:07:07 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 14:07:07 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 14:07:06 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 14:07:04 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 14:07:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 14:07:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 14:07:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 14:07:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 14:07:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 14:07:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.03.31 19:44:46 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\User\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2013.03.13 13:48:11 | 009,775,582 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.13 13:48:11 | 003,295,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.13 13:48:11 | 002,974,230 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.13 13:48:11 | 002,663,912 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.13 13:48:11 | 000,005,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.13 13:43:23 | 000,354,265 | ---- | M] (Farbar) -- C:\Users\User\Desktop\FSS.exe
[2013.03.13 13:40:33 | 000,021,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.13 13:40:33 | 000,021,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.13 13:33:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.13 13:33:24 | 2077,048,831 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.12 22:10:45 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.12 22:10:44 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.03.12 22:10:44 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.12 22:10:44 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.12 22:10:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.12 22:10:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.12 22:10:19 | 031,521,184 | ---- | M] (Oracle Corporation) -- C:\Users\User\Desktop\jre-7u17-windows-i586.exe
[2013.03.12 22:05:24 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.03.12 22:05:24 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.03.12 22:05:24 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.03.12 22:05:23 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.03.12 22:05:23 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.12 22:05:23 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.03.12 22:04:36 | 033,003,424 | ---- | M] (Oracle Corporation) -- C:\Users\User\Desktop\jre-7u17-windows-x64.exe
[2013.03.12 21:42:38 | 000,890,798 | ---- | M] () -- C:\Users\User\Desktop\SecurityCheck.exe
[2013.03.12 20:27:47 | 002,347,384 | ---- | M] (ESET) -- C:\Users\User\Desktop\esetsmartinstaller_enu.exe
[2013.03.12 18:52:34 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.12 18:44:53 | 005,037,889 | R--- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2013.03.12 18:40:44 | 000,000,098 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.03.12 18:38:59 | 000,597,667 | ---- | M] () -- C:\Users\User\Desktop\adwcleaner.exe
[2013.03.11 13:28:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.03.11 13:24:49 | 000,000,000 | ---- | M] () -- C:\Users\User\defogger_reenable
[2013.03.05 10:51:39 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.05 10:51:39 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.04 10:00:56 | 001,316,144 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013.03.04 09:59:46 | 000,035,328 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.03.04 09:07:22 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013.03.04 09:07:22 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013.02.20 18:02:00 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.15 13:53:38 | 000,334,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013.03.12 21:42:37 | 000,890,798 | ---- | C] () -- C:\Users\User\Desktop\SecurityCheck.exe
[2013.03.12 18:48:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.12 18:48:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.12 18:48:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.12 18:48:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.12 18:48:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.12 18:40:40 | 000,000,098 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.03.12 18:38:53 | 000,597,667 | ---- | C] () -- C:\Users\User\Desktop\adwcleaner.exe
[2013.03.11 13:24:49 | 000,000,000 | ---- | C] () -- C:\Users\User\defogger_reenable
[2013.03.05 12:27:22 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.09.25 14:55:32 | 000,260,580 | ---- | C] () -- C:\Windows\SysWow64\temp.bin
[2012.03.31 19:44:46 | 000,007,859 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.cat
[2012.03.31 19:44:46 | 000,001,167 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.inf
[2012.01.07 03:17:38 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.07 03:17:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.25 08:38:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.12.04 18:10:05 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.12.04 18:09:41 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.12.04 18:08:22 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.12.01 16:50:04 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.11.13 18:38:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011.11.13 18:36:20 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011.09.06 16:09:43 | 000,005,384 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.06 14:20:55 | 000,000,680 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2011.09.05 12:14:55 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.09.05 12:14:55 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.05 12:14:55 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.09.05 12:14:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.09.05 12:14:55 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > Extras.txt Code:
OTL Extras logfile created on: 13.03.2013 14:20:50 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 5,58 Gb Available Physical Memory | 70,48% Memory free
15,82 Gb Paging File | 13,49 Gb Available in Paging File | 85,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 4,65 Gb Free Space | 8,33% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 844,61 Gb Free Space | 90,67% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C73D9C5-2BDA-464A-9D1B-A0C04FFD5FFB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{23DBB31E-693F-46DF-9EC4-72AADF759832}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BBFD3BB-31C0-4466-9106-1CC0933D6E3F}" = lport=10301 | protocol=17 | dir=in | app=d:\programme\devolo\informer\devinf.exe |
"{2C11540E-F086-45B5-A17F-A65C1703A415}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{341AA7B3-A26E-40A9-A4D3-E3506C49C75B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B7DB9DF-EE73-4B09-B47E-FA8B283A6E40}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E1E3F51-6CE2-4CF1-9656-2E75C64EA297}" = rport=445 | protocol=6 | dir=out | app=system |
"{407B895E-09E2-47BC-BE77-7B804B684844}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) |
"{421ED6A4-84B5-4826-B4F9-7022E98F1FAF}" = rport=137 | protocol=17 | dir=out | app=system |
"{5048A0D5-5740-4541-80E0-31B618DFFF24}" = rport=139 | protocol=6 | dir=out | app=system |
"{5608EF56-9F21-4D5D-9E37-E20FBF41EAF7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5614465D-FB21-48DE-A393-A40FDA5DDB49}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) |
"{61909D1E-69F5-406B-B128-69015B36F95F}" = lport=139 | protocol=6 | dir=in | app=system |
"{6F1EFE78-7BE8-4427-90BA-F32514390790}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server |
"{7C83B537-821F-48F9-9F2E-746D51E95C08}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E854F9D-A226-4A61-A877-4056D8C3FFBE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E9E7F79-86E8-4B53-9950-A3555BA704EF}" = lport=138 | protocol=17 | dir=in | app=system |
"{838F7A0A-03EF-49CE-9D21-3DCDED33AC1E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9A7438C0-1404-4B2C-B1C7-8DC70634B16C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9CD0662D-B37A-4634-8203-30E7B176BB14}" = lport=10300 | protocol=6 | dir=in | app=d:\programme\devolo\informer\devinf.exe |
"{D1626298-3A92-46EB-BD63-65CF577ECB6E}" = rport=138 | protocol=17 | dir=out | app=system |
"{D2D08246-40B8-4EA3-AC21-F83BCD78D87F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D399BBAC-A93E-46FD-A5A2-E957989EE9B4}" = lport=137 | protocol=17 | dir=in | app=system |
"{E1AD1FAB-A3E9-4C11-8FD6-76AAAB836503}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9AD1F9F-F196-4078-879F-6D30CEA94FDC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFA11522-366E-45BB-8ECC-A14155D14B2A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009E8B6A-7D43-4A76-8914-95751F54C54D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0114DF8B-C1EE-415A-85C3-504280E0F979}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AF79B2D-539A-4EBC-9991-A478D6D754A9}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\scorch995\counter-strike source\hl2.exe |
"{0B44A1F2-1753-46DD-847D-FB831235BDEC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0C9D5662-5245-46FD-A0D5-2AD288CA9FF1}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\scorch995\counter-strike source\hl2.exe |
"{0CEEBFC6-DADA-49FE-AFF2-1258B5E2FD87}" = protocol=17 | dir=in | app=e:\alicecd.exe |
"{0F47C935-0C63-407D-9FF5-D38A3EA87058}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156CEFAE-EB29-4E64-8DA9-B03DF28E7D24}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1E78F0EF-D0D9-4469-985F-9FDABEEA68E5}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{20561629-F493-487A-BDAD-C6A0A3C477BC}" = protocol=6 | dir=in | app=d:\games\battlefield\fifa 13\game\fifa13.exe |
"{209F2C43-08EA-476C-8520-34FDDE142B72}" = protocol=17 | dir=in | app=d:\games\battlefield\fifa 13\game\fifa13.exe |
"{23C99E04-7C0E-400D-9FA1-B8E8B664A143}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{247332E6-FD69-419C-ADB6-0B2CD6A2B93F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{26E85FFB-92BA-476C-9B9C-C90890168F07}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{2CA7D15D-0450-4CB6-8741-F10FB3D026E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{34741385-231E-4597-B8C5-6053A44D825A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{367E5D9E-EFA5-4874-9C00-A4C6AF5C6AD0}" = protocol=6 | dir=out | app=system |
"{3D505BAA-88E0-406E-9299-6F2020258CC3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{46D532E2-AD02-4806-B46C-950A6C00DF22}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4B4020DB-9FBB-4380-B351-7B4E8DCD8E09}" = dir=in | app=c:\program files\eslwire\wire.exe |
"{507F13EF-4BAC-426B-9D62-786781A6BF93}" = protocol=6 | dir=in | app=e:\alicecd.exe |
"{59413495-D9FE-459B-877D-1F6990E654E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{66DD1FC0-0374-40D0-9B23-28B465828966}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{683A8074-3FF1-47A3-A3BB-D4BB3050F5D4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{694D9C83-6CCC-4D7A-8446-1E87EAA2EAA9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6AF98858-8D39-4DFD-8C99-1A5B067501FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6D160040-16C6-410A-9630-A9E0FDD71C4D}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\scorch995\counter-strike source\hl2.exe |
"{71CCF5F5-86D2-4E8D-BA96-1F3DA8AF543F}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{725BE1E1-2C9E-4432-8653-4BEE2BC6329C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{733D377A-E7DF-4E13-8BD4-9CE594389875}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A6F112B-B58D-4FAA-B4D5-841EA3044B8F}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{93067249-6505-4C5D-B97F-D27BBA68C248}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{989D1C85-2452-4563-9DD4-989AEC368E61}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C4097B7-597E-4364-962A-5B063F152334}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{9CC5F572-5A86-4A47-B1D0-281537391D20}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{9D3AFDF1-0CC4-4A37-B471-4388637A82AA}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\scorch995\counter-strike source\hl2.exe |
"{9FE23D71-E0B9-4BAE-9D33-2986BBCF8974}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A35B5615-2E97-468E-B63C-61271CFECAB6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\magix shared\upnpservice\upnpservice.exe |
"{A599D92A-25EB-4664-9F39-4A184079736B}" = dir=out | app=c:\program files\eslwire\wire.exe |
"{A706EA49-17F7-49CF-A765-00C2494A2535}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A7D4C512-E460-4E9E-B8D0-E274A70D8347}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\magix shared\upnpservice\upnpservice.exe |
"{B5DECC74-FF56-42C8-92CB-D7DFF1CCDB57}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BFBE5F53-B8C8-44AB-BDD7-7B993AAA6F8A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C2D21169-C106-4A69-ACC4-F70A668C8FAE}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C9E1AC2C-9167-4BDD-91D8-008C374734B6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D0FA66F4-8A5C-441A-B553-ECDEE1A793BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2B57B2A-6BA2-406D-9C50-00EC68AFA3B0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D62DBE4D-919E-4B8F-9E84-6C9B93467DE8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D7C189E8-023B-496D-A26C-7FAC46086B28}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E12C1FBD-66CE-4AC3-AFDD-77AF56AD9EBD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E193535D-C54A-4A2C-B5D5-C95A310FB55D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4AA6CE1-EC2E-4D45-9D31-584688AADC17}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{E738DFFF-3FFA-4D14-9F2D-1E146183D11A}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{EC5629D8-23DE-4238-BEAC-9D887825FE60}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{EE73A02A-71CA-4960-9E6A-DCD5E9B53E25}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8ED569F-8C07-4D20-895D-00F64FE3C9E0}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"TCP Query User{5179461C-30EC-4D7E-AB12-DB99EC65825A}C:\program files (x86)\origin games\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"TCP Query User{715A93EA-860B-4357-A24F-44E633202C50}D:\games\manager11.exe" = protocol=6 | dir=in | app=d:\games\manager11.exe |
"TCP Query User{866404C9-77FE-4F02-A47D-33D445D256B4}C:\users\adrian\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\adrian\appdata\roaming\spotify\spotify.exe |
"UDP Query User{326D5A9D-23BF-40E6-9350-75965253E639}C:\users\adrian\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\adrian\appdata\roaming\spotify\spotify.exe |
"UDP Query User{3E0365F7-A40F-4705-A319-45B23B0D598D}D:\games\manager11.exe" = protocol=17 | dir=in | app=d:\games\manager11.exe |
"UDP Query User{787BB5B6-C221-4F70-8038-C26CFB638EA0}C:\program files (x86)\origin games\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = ASUS Bluetooth Suite
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy DS3 driver version 0.6.0005
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.11
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFD8C997-FE93-4C1C-A682-47B6C65F8417}" = English G 21 e-Workbook A4
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3
"{C3E9887A-23BA-4777-8080-191A5AFCAB74}" = Mumble 1.2.3
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}" = Razer Lycosa
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Afterburner" = MSI Afterburner 2.1.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"Guitar Explorer 1.0" = Guitar Explorer 1.0
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.12.2
"MAGIX Music Maker Hip Hop Edition 2 D" = MAGIX Music Maker Hip Hop Edition 2 4.0.0.10 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 30" = Day of Defeat
"Steam App 440" = Team Fortress 2
"SystemRequirementsLab" = System Requirements Lab
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"VLC media player" = VLC media player 1.1.11
"XFastUsb" = XFastUsb
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.03.2013 08:35:19 | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.03.2013 08:37:46 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:37:46 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:37:46 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 13.03.2013 08:41:33 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:41:33 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:41:33 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 13.03.2013 08:48:08 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:48:08 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 13.03.2013 08:48:08 | Computer Name = User-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
[ System Events ]
Error - 12.03.2013 17:07:00 | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 12.03.2013 17:09:00 | Computer Name = User-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 12.03.2013 17:09:00 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 13.03.2013 08:33:23 | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 13.03.2013 08:33:30 | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error - 13.03.2013 08:35:31 | Computer Name = User-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 13.03.2013 08:35:31 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 13.03.2013 08:39:30 | Computer Name = User-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error - 13.03.2013 08:40:47 | Computer Name = User-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR4 gefunden.
Error - 13.03.2013 08:46:12 | Computer Name = User-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR7 gefunden.
< End of report > Das war es soweit von mir. Vielen Dank nochmal für die schnelle Antwort heute :daumenhoc
Mit freundlichen Grüßen
ene.mene.muh
P.S. Nach einem Neustart ist er wieder wie gewohnt schnell unterwegs. |