mojo22215 | 04.10.2012 20:00 | habe bereits den OTL von Oldtimer durchgeführt und folgende texte erhalten :
OTL.txt.datei:OTL Logfile: Code:
OTL logfile created on: 04.10.2012 20:37:44 - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Seven\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,24 Gb Available Physical Memory | 80,94% Memory free
8,00 Gb Paging File | 7,32 Gb Available in Paging File | 91,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 10,70 Gb Free Space | 21,91% Space Free | Partition Type: NTFS
Drive D: | 416,83 Gb Total Space | 121,96 Gb Free Space | 29,26% Space Free | Partition Type: NTFS
Drive Z: | 100,00 Mb Total Space | 61,69 Mb Free Space | 61,69% Space Free | Partition Type: NTFS
Computer Name: SEVEN-PC | User Name: Seven | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.04 20:19:31 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Seven\Downloads\OTL.exe
PRC - [2012.09.07 21:11:04 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.09.06 19:35:03 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2011.08.18 16:25:12 | 001,101,960 | ---- | M] () -- D:\Programme\AD-Ware\AWSC.exe
========== Modules (No Company Name) ==========
MOD - [2012.09.07 21:11:04 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.09.06 19:35:03 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.08.06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.07.28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.25 16:08:45 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.09.20 22:45:17 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 21:11:04 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.05 19:00:14 | 000,722,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.08.15 12:44:44 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- D:\Games\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2012.02.27 21:48:37 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.12.19 16:33:50 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- D:\Programme\AD-Ware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011.12.19 15:46:42 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- D:\Programme\AVG\avgwdsvc.exe -- (avg9wd)
SRV - [2011.12.19 15:44:49 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- D:\Programme\AVG\avgemc.exe -- (avg9emc)
SRV - [2011.11.10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- D:\Programme\AVG\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.09.08 17:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 17:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Stopped] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.28 17:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto | Stopped] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.09.05 19:00:26 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.07.28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.07.28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.05.14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.12.20 11:22:11 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2011.12.20 02:17:26 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.12.19 15:46:44 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2011.12.19 15:46:44 | 000,035,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2011.09.08 17:49:26 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2011.09.08 17:49:24 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2011.08.18 16:25:12 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010.11.26 19:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 7B 07 A4 51 BE CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{725D605C-ACA8-41B8-9FBC-0E72AC90CC2B}: "URL" = hxxp://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={611C58EC-8DDF-41CA-B881-085D98EA20F0}&mid=f7e5b9b9f61793af6313dbf486d57ab3-7ec935a7afec1fdcf665f4d6de688ab5dc84350b&lang=de&ds=AVG&pr=&d=2011-12-19 18:27:46&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.51.0
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10
FF - prefs.js..network.proxy.http: "199.195.109.21"
FF - prefs.js..network.proxy.http_port: 9090
FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\@mail.ru/GameCenter: C:\Users\Seven\AppData\Local\Mail.Ru\GameCenter\NPDetector.dll (Mail.Ru)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: D:\Programme\AVG\Firefox [2011.12.19 16:38:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012.09.05 19:00:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:11:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:11:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.12.19 15:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seven\AppData\Roaming\mozilla\Extensions
[2012.09.17 19:43:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions
[2012.07.25 20:39:14 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.02.08 19:56:31 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.09.17 19:43:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.02 20:24:22 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.09.16 19:54:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Seven\AppData\Roaming\mozilla\Firefox\Profiles\tu6lldje.default\extensions\ich@maltegoetz.de
[2012.08.22 22:38:56 | 000,101,863 | ---- | M] () (No name found) -- C:\Users\Seven\AppData\Roaming\mozilla\firefox\profiles\tu6lldje.default\extensions\ciuvo-extension@icq.de.xpi
[2012.08.29 22:56:07 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Seven\AppData\Roaming\mozilla\firefox\profiles\tu6lldje.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.09.27 20:42:35 | 000,001,056 | ---- | M] () -- C:\Users\Seven\AppData\Roaming\mozilla\firefox\profiles\tu6lldje.default\searchplugins\icqplugin.xml
[2012.09.11 20:03:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.09.07 21:11:04 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.17 23:05:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.05 19:00:05 | 000,003,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.08.31 19:12:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.17 23:05:11 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 23:05:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 23:05:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 23:05:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.12.22 13:18:54 | 000,002,152 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.de
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.de
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.de
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.de
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.de
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.de
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.de
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.de
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.de
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.de
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.de
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 19 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programme\AVG\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programme\AVG\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVG9_TRAY] D:\Programme\AVG\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe ()
O4 - HKCU..\Run: [Azrove] C:\Users\Seven\AppData\Roaming\Etaf\ilymg.exe File not found
O4 - HKCU..\Run: [dsteegzxzxtwuff] C:\ProgramData\dsteegzx.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify] C:\Users\Seven\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Seven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Seven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Programme\Icq7\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Programme\Icq7\ICQ7.7\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C2DF0ED-F4F5-4539-8599-7C8C2EADBAE6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programme\AVG\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programme\AVG\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{cde79e81-2aea-11e1-b4e2-90e6bae1ce2e}\Shell - "" = AutoRun
O33 - MountPoints2\{cde79e81-2aea-11e1-b4e2-90e6bae1ce2e}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{ee93ba03-7bea-11e1-8708-90e6bae1ce2e}\Shell - "" = AutoRun
O33 - MountPoints2\{ee93ba03-7bea-11e1-8708-90e6bae1ce2e}\Shell\AutoRun\command - "" = H:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: BambooCore - hkey= - key= - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: EzPrint - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: GameCenterMailRu - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: lxeamon.exe - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Sony PC Companion - hkey= - key= - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - D:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Unable to open variant key
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ==========
[2012.10.04 19:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ifjeqzbxzmaphvc
[2012.10.03 19:05:10 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Roaming\Zuby
[2012.10.03 19:05:10 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Roaming\Quir
[2012.10.03 19:05:10 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Roaming\Etaf
[2012.10.03 01:14:22 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Roaming\runic games
[2012.09.30 19:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Syncrosoft
[2012.09.30 19:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2012.09.30 18:59:46 | 001,711,104 | ---- | C] (Steinberg Media Technologies GmbH) -- C:\Windows\SysNative\synsoacc.dll
[2012.09.30 18:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\eLicenser
[2012.09.22 21:42:29 | 000,000,000 | ---D | C] -- C:\Users\Seven\Documents\Games for Windows - LIVE Demos
[2012.09.22 21:16:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.09.21 17:55:13 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Local\Spotify
[2012.09.21 17:54:49 | 000,000,000 | ---D | C] -- C:\Users\Seven\AppData\Roaming\Spotify
[2012.09.07 21:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.05 19:00:26 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.10.04 20:04:50 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.10.04 20:04:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.04 20:04:06 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.04 19:45:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.04 19:39:33 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 19:39:33 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 19:26:05 | 000,076,359 | ---- | M] () -- C:\ProgramData\hxrnlgtkhzhiiqg
[2012.10.04 19:26:01 | 000,105,984 | ---- | M] () -- C:\Users\Seven\ms.exe
[2012.10.04 19:26:01 | 000,105,984 | ---- | M] () -- C:\ProgramData\dsteegzx.exe
[2012.10.04 18:55:06 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012.10.04 18:55:06 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012.10.04 18:54:35 | 096,450,964 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2012.09.30 19:01:24 | 000,002,892 | ---- | M] () -- C:\Windows\SysWow64\audcon.sys
[2012.09.30 18:59:47 | 000,000,051 | ---- | M] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2012.09.28 19:19:23 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.28 19:19:23 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.28 19:19:23 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.28 19:19:23 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.28 19:19:23 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.20 20:34:09 | 000,000,818 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2012.09.05 19:00:26 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.04 20:04:26 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.10.04 19:26:04 | 000,105,984 | ---- | C] () -- C:\ProgramData\dsteegzx.exe
[2012.10.04 19:26:02 | 000,076,359 | ---- | C] () -- C:\ProgramData\hxrnlgtkhzhiiqg
[2012.10.04 19:26:01 | 000,105,984 | ---- | C] () -- C:\Users\Seven\ms.exe
[2012.09.30 19:01:24 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2012.09.30 18:59:47 | 000,147,425 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Aide.chm
[2012.09.30 18:59:46 | 000,147,425 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Aide.chm
[2012.09.30 18:59:46 | 000,120,468 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Hilfe.chm
[2012.09.30 18:59:46 | 000,120,468 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Hilfe.chm
[2012.09.30 18:59:46 | 000,114,279 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Help.chm
[2012.09.30 18:59:46 | 000,114,279 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Help.chm
[2012.09.30 18:59:43 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2012.09.30 18:59:43 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2012.09.21 17:55:13 | 000,001,799 | ---- | C] () -- C:\Users\Seven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012.07.07 17:25:06 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.27 21:48:39 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.02.27 21:48:37 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.14 18:38:14 | 000,000,132 | ---- | C] () -- C:\Users\Seven\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.12.31 03:48:16 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.12.26 13:46:23 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXEAsmr.dll
[2011.12.26 13:46:22 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEAsm.dll
[2011.12.22 21:44:49 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.12.22 21:44:49 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.12.21 01:14:12 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.12.19 15:32:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.01.07 20:12:05 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Audacity
[2012.06.03 22:50:05 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Braid
[2012.07.31 00:17:57 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\DAEMON Tools Lite
[2012.05.11 18:10:45 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\DVDVideoSoft
[2012.02.08 19:56:31 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.04 19:31:35 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Etaf
[2011.12.23 02:20:19 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\FRITZ!
[2012.10.01 23:03:59 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\ICQ
[2011.12.19 16:46:15 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\IObit
[2011.12.19 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\LolClient
[2012.05.25 12:31:34 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\LolClient2
[2011.12.30 14:10:16 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\OpenOffice.org
[2012.05.27 15:45:20 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\PACE Anti-Piracy
[2012.10.04 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Quir
[2012.10.03 01:14:22 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\runic games
[2012.10.04 19:38:41 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Spotify
[2012.05.27 15:50:26 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.10.03 16:14:24 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Steinberg
[2012.07.25 00:18:40 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\TS3Client
[2011.12.29 21:22:54 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Ubisoft
[2012.10.03 16:14:24 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\VST3 Presets
[2012.05.11 18:41:53 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Wacom
[2012.05.11 18:42:01 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2012.08.31 19:57:04 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\YourFileDownloader
[2012.10.03 19:05:10 | 000,000,000 | ---D | M] -- C:\Users\Seven\AppData\Roaming\Zuby
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.03.21 19:47:15 | 000,000,000 | -H-D | M] -- C:\$AVG
[2012.07.13 21:23:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.02.01 13:30:25 | 000,000,000 | ---D | M] -- C:\AMD
[2011.12.19 15:29:01 | 000,000,000 | ---D | M] -- C:\ATI
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.12.19 15:15:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.12.26 13:59:49 | 000,000,000 | ---D | M] -- C:\logs
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.03 16:09:55 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.10.03 16:16:59 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.10.04 19:26:06 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.12.19 15:15:00 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.12.19 15:15:01 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.10.04 18:51:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.19 15:15:13 | 000,000,000 | R--D | M] -- C:\Users
[2012.10.04 20:04:06 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.07.14 03:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.07 14:07:59 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.10.04 20:04:26 | 000,000,328 | ---- | C] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.05.11 18:41:28 | 000,000,002 | ---- | M] () -- C:\Users\Seven\.bdockinstall.log
[2012.06.10 11:45:53 | 000,069,831 | ---- | M] () -- C:\Users\Seven\DesktopStCenter.txt
[2012.10.04 19:26:01 | 000,105,984 | ---- | M] () -- C:\Users\Seven\ms.exe
[2012.10.04 20:42:43 | 002,883,584 | -HS- | M] () -- C:\Users\Seven\NTUSER.DAT
[2012.10.04 20:42:42 | 000,262,144 | -HS- | M] () -- C:\Users\Seven\ntuser.dat.LOG1
[2011.12.19 15:15:16 | 000,000,000 | -HS- | M] () -- C:\Users\Seven\ntuser.dat.LOG2
[2011.12.19 15:19:52 | 000,065,536 | -HS- | M] () -- C:\Users\Seven\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.12.19 15:19:52 | 000,524,288 | -HS- | M] () -- C:\Users\Seven\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.12.19 15:19:52 | 000,524,288 | -HS- | M] () -- C:\Users\Seven\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.12.19 15:15:16 | 000,000,020 | -HS- | M] () -- C:\Users\Seven\ntuser.ini
[2012.07.14 02:03:37 | 000,062,976 | -HS- | M] () -- C:\Users\Seven\Thumbs.db
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 1248 bytes -> C:\Users\Seven\AppData\Local\Temp:HVwps2Wks5HfWCfjLdIwUa
@Alternate Data Stream - 1180 bytes -> C:\Users\Seven\AppData\Local\Temp:xgxtGMbprvYvdcwHU79JeDWQ
< End of report > --- --- ---
.
.
.
.
.
extra.txt.datei :OTL Logfile: Code:
OTL Extras logfile created on: 04.10.2012 20:37:44 - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Seven\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,24 Gb Available Physical Memory | 80,94% Memory free
8,00 Gb Paging File | 7,32 Gb Available in Paging File | 91,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 10,70 Gb Free Space | 21,91% Space Free | Partition Type: NTFS
Drive D: | 416,83 Gb Total Space | 121,96 Gb Free Space | 29,26% Space Free | Partition Type: NTFS
Drive Z: | 100,00 Mb Total Space | 61,69 Mb Free Space | 61,69% Space Free | Partition Type: NTFS
Computer Name: SEVEN-PC | User Name: Seven | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
htmlfile [edit] -- Reg Error: Unable to open value key
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe Creative Suite 5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
htmlfile [edit] -- Reg Error: Unable to open value key
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- D:\Programme\Adobe Creative Suite 5\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A0F21E-112E-410D-A45E-C6AC45EED0C9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{09019D06-2B50-4118-B979-9A2F317BC6DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C3C49AA-3FAA-4EF2-9EAA-80C3D82209F9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{19C90A4D-D3B4-4DCB-9C15-BB77254FC64B}" = lport=59023 | protocol=17 | dir=in | name=pando media booster |
"{1E3B74FB-C5A0-4633-AAB9-4BDC07EBE3B6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2E735434-6A42-4720-B496-7318DF078482}" = rport=445 | protocol=6 | dir=out | app=system |
"{30318389-5D43-46E2-BA54-287C08F9AFD4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{305C6589-B477-42D0-84C0-2980E9A348E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{353FC863-2E54-45D3-A4C8-65DAAE32E4E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50362F35-1273-4452-9202-C6D5E57F754E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{56440972-D293-462B-9BC0-D50BC471379B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5CC51FD3-44C8-41C5-8FFD-494E860290DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{5F270CA2-8A94-4526-9FCC-1086D3CCEF8F}" = lport=139 | protocol=6 | dir=in | app=system |
"{702421F6-48FC-431F-AFF6-C8F066C2A6C0}" = lport=445 | protocol=6 | dir=in | app=system |
"{74670E63-E1D2-4D78-8F7F-7F6288BABA7C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{84B63441-4BA8-4C5F-8A4E-410096D5C70B}" = lport=59023 | protocol=17 | dir=in | name=pando media booster |
"{8649CD6B-0377-4AB9-8366-398FAE486CDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{87A78AC1-E4DC-4A7D-82BA-F27A6EDE8179}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A049C766-A366-4E28-9A13-63125FFFCF8A}" = lport=59023 | protocol=6 | dir=in | name=pando media booster |
"{AF3A7486-9FEC-4272-A309-B1070F7EE877}" = lport=138 | protocol=17 | dir=in | app=system |
"{BB598F63-AAF0-4E78-8070-FF1732CD3341}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher |
"{BD8AA0AE-B2B7-4093-88E8-E9407178BB0D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DDC7B6C1-7BF0-43C4-B517-83B09BD1A7AB}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher |
"{DE1804A0-5586-48F9-AA02-7735DF21BF0E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2504786-1212-496D-9504-72E903FB1AFD}" = lport=137 | protocol=17 | dir=in | app=system |
"{E6EA3BF1-96DD-4389-8FA0-8FA231E4D4B4}" = lport=59023 | protocol=6 | dir=in | name=pando media booster |
"{F1525A98-44B2-459C-80BD-18E83DC086AC}" = rport=139 | protocol=6 | dir=out | app=system |
"{F1994D3A-51B8-45CA-8B87-EFF85509986B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FBBD1CBD-6984-4096-AD0D-56110C07C7B0}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A6CF1B-B1AE-4D7C-B425-CB12794E6706}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\torchlight\torchlight.exe |
"{0771F7EC-3175-4183-8412-B119A39F762F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{07A7254B-2E3F-4005-A072-DD72D61EB72F}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{07CD126E-D610-4696-8E36-1253A47DA513}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{086664E4-80AD-4052-8990-378977177650}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{094047B6-FCA8-44F4-BE4D-BABAE57D90B3}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{0B727EF4-2959-4492-9D41-4971E8011CEC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0BA01CE7-3810-424A-9AC3-A606236BD09F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0EBE088F-3395-4BA3-A3A5-3048700BF092}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1128E111-CE95-44F4-9820-078112DAC8C8}" = protocol=17 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"{1206D464-3208-4B2F-9A1F-CBC649B6B8DB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A442E38-2DAA-4D93-9002-E29A38228056}" = dir=in | app=d:\programme\avg\avgupd.exe |
"{1D6E9C41-489A-453F-8DAE-AABFC373C3B2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{25311B31-D72A-41B0-A181-8B335E1F6089}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\counter-strike\hl.exe |
"{258E1156-4AEF-47BB-B6D7-45EEAD61CB75}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2B222BF1-FBD4-4E38-9920-ADDC991BD713}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30ECBFCD-B319-4D3E-8BE1-64215D78CC6F}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
"{32258D04-EA12-4D54-8B5B-5A3774FDD675}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{3303FF50-F5B1-4A43-911F-CABD1CCFE74E}" = dir=in | app=d:\programme\avg\avgnsa.exe |
"{34CC6206-141B-4E12-9078-B196FC298FD7}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{3581352C-944F-41A6-813E-877962DAE099}" = protocol=17 | dir=in | app=d:\games\riot games\league of legends\game\league of legends.exe |
"{3800B555-461C-40D4-ABAB-1D4568B9C620}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\moinneseli\counter-strike source\hl2.exe |
"{39FD4F2D-7046-492C-A18F-44195BCD215A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3B8BE04F-707F-44F9-A585-B2D9D1EF464A}" = dir=in | app=d:\programme\avg\avgemc.exe |
"{415241C9-56B1-4BC4-AA85-FF5FEE1FFBAE}" = protocol=6 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{423EC8EA-0F52-483E-BF01-1BA38AA8FB9F}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{42D0EEAF-F211-47E7-8EF0-A965750226F4}" = protocol=17 | dir=in | app=d:\games\riot games\league of legends\air\lolclient.exe |
"{44BA2AC2-ABA7-425A-B538-10EC77172949}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{46B3C77F-A9B2-4964-AD31-AF905961ACAF}" = protocol=17 | dir=in | app=d:\games\batman_asylum\binaries\shippingpc-bmgame.exe |
"{46B50C59-6945-4F96-AE41-1CCC5A731971}" = protocol=17 | dir=in | app=e:\alicecd.exe |
"{49B6A4F4-964A-4214-9AC6-F7BAD3F333FF}" = protocol=17 | dir=in | app=d:\games\assasins creed ii\assassinscreediigame.exe |
"{4E48F2EE-436B-48F6-BEA9-556EEA904E03}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50053230-DE1A-4910-970F-E24FB59ECA75}" = protocol=17 | dir=in | app=d:\games\apb reloaded\binaries\vivoxvoiceservice.exe |
"{518ECCE8-629B-4103-A0F9-E2CBA558EBCF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{542F95FB-7EF9-42CF-8CF1-2F06ED116D0D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{56000D40-E254-432B-B759-6224A69B5AD8}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{56B48694-B8C8-42EF-A8E6-46C324490673}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{5C22F230-9C57-48EE-9017-CE3487ADC5AC}" = protocol=17 | dir=in | app=d:\games\apb reloaded\binaries\vivoxvoiceservice.exe |
"{5D4F43D7-97F2-4248-AA20-EE9081A81AE4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E56E538-A8B4-4063-9AD6-110D90834C95}" = protocol=6 | dir=in | app=d:\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{626863CC-BD53-4AF7-8E5F-B4E2C420DCF9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{646853D6-AB6C-4BBD-B8C5-EAD347AB15D9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6682FB6F-3D00-4AA2-9439-392414B11B23}" = protocol=6 | dir=in | app=d:\games\apb reloaded\binaries\apb.exe |
"{682C9FE2-D7E0-4AE0-B902-88F7DD314FF2}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\webwaigd.exe |
"{69D243EE-14CE-4B55-9447-95D42A4E36B8}" = protocol=6 | dir=in | app=d:\games\riot games\league of legends\air\lolclient.exe |
"{6ACC0D7A-4A85-41B3-B9CD-A9A7C5C5297A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7024BB1B-0E53-4690-8434-1A1FB81EB31A}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{73F3AE0A-8BB2-4A2C-BCE5-128817794852}" = protocol=17 | dir=in | app=d:\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{7430F714-6647-495A-B7BC-E360F0323873}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75BE2DDB-F308-403C-8F61-86B93A9C1FB6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7713AE58-D6F7-4AAD-80BD-ADC9C044C7F3}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\counter-strike\hl.exe |
"{77359879-78B1-48E1-A64E-1BEAD5EF23F0}" = protocol=6 | dir=out | app=system |
"{871CCC64-9F31-4422-BB31-8033045A309B}" = protocol=6 | dir=in | app=d:\games\assasins creed ii\uplaybrowser.exe |
"{87A682DE-2973-4231-887B-4CA7D43D30F0}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\fboxupd.exe |
"{87CF10D4-EB7C-4BAE-835D-65266CA09969}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{8F454C25-E99E-4B12-91D0-0F1F96D87FB4}" = protocol=6 | dir=in | app=d:\games\apb reloaded\binaries\apb.exe |
"{9120E162-2D0C-4E92-B57F-D01D1D61BFAF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{99FA85E6-3894-47B6-A02C-A5741B5C78F2}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\counter-strike\hl.exe |
"{9FC17EF1-060B-4DCF-B8E3-64D69D4684FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A49AA610-AA25-4020-AAF2-13304869D663}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\rage\rage.exe |
"{A9A97A53-2ECF-4493-80AC-4DCDD400911D}" = protocol=17 | dir=in | app=c:\program files\fritz!dsl\igdctrl.exe |
"{AA399B82-5870-46B8-B36F-B4909FB9D073}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{ABA4E463-70D5-4735-AE56-FA09DD1B7F1E}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\moinneseli\counter-strike source\hl2.exe |
"{AC1AF938-676E-45EB-9C50-75CDA2B132FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B0A7C346-777D-4861-AA10-267BEE6CEAE1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B385BA5B-D1D2-4B24-B478-AE980B457A68}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{B4894610-FFB8-4D65-A795-3C118BCDC065}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BBC2C38E-07FA-4D41-8A29-BE582819888C}" = protocol=17 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"{C1338284-B87D-4638-B2CE-33F015476C42}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{C38C9B1C-3032-46A5-978B-E92C5BCF7CA4}" = protocol=6 | dir=in | app=d:\games\riot games\league of legends\game\league of legends.exe |
"{CCCA26F0-F6F5-4708-8BC2-5321DC9D0085}" = protocol=6 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"{CEAAA99A-0D65-4F83-B5E6-4CB45FC62B3B}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{D090FB93-EB18-4248-AA23-5D18AD61A104}" = protocol=6 | dir=in | app=d:\games\apb reloaded\binaries\vivoxvoiceservice.exe |
"{D0ABA17E-A951-45F7-9D0B-CAE2293041F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D518B46C-B200-41C3-88B0-2253979BFB24}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5BCB82E-110E-4EC9-AF41-64ED2E5B3108}" = protocol=6 | dir=in | app=d:\games\assasins creed ii\assassinscreediigame.exe |
"{D9658B25-8B57-4B63-B35D-3193F5124935}" = protocol=6 | dir=in | app=d:\games\assasins creed ii\assassinscreedii.exe |
"{E052E830-1A14-4104-BF89-23E3E11D54B7}" = protocol=17 | dir=in | app=d:\games\assasins creed ii\assassinscreedii.exe |
"{E21B24F8-587D-4D36-8A32-61F3E3DD5FCB}" = protocol=6 | dir=in | app=d:\games\batman_asylum\binaries\shippingpc-bmgame.exe |
"{E784A58D-FBE6-4D84-95A4-E56F19CAE716}" = protocol=17 | dir=in | app=d:\games\apb reloaded\binaries\apb.exe |
"{E8C42FE8-3A0B-40B0-836C-D61B839B2B3F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EE4494CD-B57A-4B0C-BB91-E300BFD77189}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE9713F1-F039-4B08-92C8-1EF0901E13F6}" = protocol=6 | dir=in | app=d:\games\apb reloaded\binaries\vivoxvoiceservice.exe |
"{EEF060A1-8822-4E60-B660-5AE2DCF72935}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EF588B67-8BD6-4E03-AE19-557AF23DE7C9}" = protocol=17 | dir=in | app=d:\games\assasins creed ii\uplaybrowser.exe |
"{F1BA1B89-D666-454D-AAF8-9D0429BA84F0}" = protocol=6 | dir=in | app=e:\alicecd.exe |
"{F4A444F8-4D4A-44F9-B96C-9FC45D881C52}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F936155A-8219-4220-A1FC-788B7B71AE29}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\counter-strike\hl.exe |
"{FA63F864-1C57-4D07-8F32-4B0BCB573692}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{FCD96D59-48B2-4A28-A85C-CD6B7296F7D6}" = protocol=17 | dir=in | app=d:\games\apb reloaded\binaries\apb.exe |
"{FD06CD37-B9FB-439E-8C54-87F3ED05C6B2}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\torchlight\torchlight.exe |
"{FE068F27-0683-4C2A-8B96-A8CE50D9F777}" = protocol=6 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"{FE25CC4E-AD2A-4C56-9650-43101B08451A}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\rage\rage.exe |
"TCP Query User{0B216A71-DE23-444E-8CB3-7DE5A1307A05}D:\games\hon\hon.exe" = protocol=6 | dir=in | app=d:\games\hon\hon.exe |
"TCP Query User{0E8872AD-2001-4595-B8DC-B161E88C2628}D:\programme\steam\steamapps\moinneseli\pirates, vikings, and knights ii\hl2.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\moinneseli\pirates, vikings, and knights ii\hl2.exe |
"TCP Query User{1C94E711-FE54-48A2-9874-31005C50EF93}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{5E2FEE2B-61CA-4D92-92C7-8F00E5727816}D:\programme\icq7\icq7.7\icq.exe" = protocol=6 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"TCP Query User{64440937-EDA7-4AFA-9524-64CD5355B864}C:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" = protocol=6 | dir=in | app=c:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe |
"TCP Query User{794815CB-CEC3-4B76-B055-54CD825E709B}C:\users\seven\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\seven\appdata\local\temp\gw2.exe |
"TCP Query User{7C9CB44B-CD7C-43B2-90A0-8BDC28292043}D:\programme\steam\steamapps\seven_1_6\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\team fortress 2\hl2.exe |
"TCP Query User{812C40F6-986E-4DEB-A8B1-63F1471E8A78}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforge\nclauncher\nclauncher.exe |
"TCP Query User{8BDFC30D-8A7A-4A9F-9155-9FA8EC7C78CC}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gameforge\nclauncher\nclauncher.exe |
"TCP Query User{8ECCFCD8-315F-454B-9F40-7BB76C1D86D1}C:\users\seven\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\seven\appdata\roaming\spotify\spotify.exe |
"TCP Query User{BBE66F8F-B012-49D8-AF62-B04F51E2BB03}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C63014A3-6277-488C-999A-B76E97EE7B9C}C:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" = protocol=6 | dir=in | app=c:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe |
"TCP Query User{E9331241-1997-4E8F-B85D-E9E577D730D2}D:\programme\steam\steamapps\seven_1_6\pirates, vikings, and knights ii\hl2.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\pirates, vikings, and knights ii\hl2.exe |
"TCP Query User{EBE64BFF-40A1-4F57-9478-DA5E22C6C1EF}D:\programme\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=d:\programme\lolreplay\lolreplay.exe |
"TCP Query User{FA8EDF83-D87B-42FA-82B8-75F359D30538}D:\games\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\games\guild wars 2\gw2.exe |
"UDP Query User{1B5FF148-2065-4005-8886-9D301DBB96D6}C:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" = protocol=17 | dir=in | app=c:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe |
"UDP Query User{29627376-87D1-4C32-AE46-85B5E4B62011}C:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe" = protocol=17 | dir=in | app=c:\users\seven\appdata\local\mail.ru\gamecenter\gamecenter@mail.ru.exe |
"UDP Query User{2C883F4D-2C18-46CD-8545-BA139A03F24A}C:\users\seven\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\seven\appdata\local\temp\gw2.exe |
"UDP Query User{2D5B8988-CB73-473D-A197-264CF9399AB5}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforge\nclauncher\nclauncher.exe |
"UDP Query User{4558283E-1B34-4AE8-845C-9F0CC764C7ED}D:\programme\steam\steamapps\moinneseli\pirates, vikings, and knights ii\hl2.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\moinneseli\pirates, vikings, and knights ii\hl2.exe |
"UDP Query User{50FF3480-1151-490E-9FA1-F60119D47AC8}C:\users\seven\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\seven\appdata\roaming\spotify\spotify.exe |
"UDP Query User{65518E92-58C2-46A5-A9BB-2B4EDD61EA36}D:\programme\steam\steamapps\seven_1_6\pirates, vikings, and knights ii\hl2.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\pirates, vikings, and knights ii\hl2.exe |
"UDP Query User{7CE7375D-3616-4CB1-B266-BD4DEEC36E28}D:\programme\steam\steamapps\seven_1_6\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\seven_1_6\team fortress 2\hl2.exe |
"UDP Query User{A44AF554-43C1-43F0-A559-7D56C58C91FC}D:\games\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\games\guild wars 2\gw2.exe |
"UDP Query User{AD2A5710-9BCD-402D-984A-6322DC6FD904}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gameforge\nclauncher\nclauncher.exe |
"UDP Query User{C673719C-8474-4B20-B2EE-FF2A49EB471C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{CE427A72-ABF1-45EC-BEB9-B17B62CFA7E1}D:\games\hon\hon.exe" = protocol=17 | dir=in | app=d:\games\hon\hon.exe |
"UDP Query User{EB9EC281-BDD2-46F1-A565-3ED1204543A0}D:\programme\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=d:\programme\lolreplay\lolreplay.exe |
"UDP Query User{F11648E4-B997-4BD0-A474-4DBFE094EC5F}D:\programme\icq7\icq7.7\icq.exe" = protocol=17 | dir=in | app=d:\programme\icq7\icq7.7\icq.exe |
"UDP Query User{F8253143-5329-46CB-8A8C-B05FB44DDF2E}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2D5D9603-22CF-4B99-83F6-0CD20330F62E}" = FRITZ!DSL64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Pen Tablet Driver" = Bamboo
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 30
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"{45410935-B52C-468A-A836-0D1000058201}" = BulletStorm
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7604A79D-245D-45BB-AFBB-975DE69FFF80}" = Digidesign M-Audio Keyboard Personality 8.0
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CFABC775-5386-4BA5-86B4-505BBD36E812}" = Batman: Arkham Asylum Game of the Year Edition
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.065
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB32F52B-0D1C-4214-91A6-5B2DA15A5238}" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"APB Reloaded" = APB Reloaded
"Audiograbber" = Audiograbber 1.83 SE
"AVG9Uninstall" = AVG Free 9.0
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Bamboo Dock" = Bamboo Dock
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Commandos 2: Men of Courage_is1" = Commandos 2: Men of Courage
"Commandos 3: Destination Berlin_is1" = Commandos 3: Destination Berlin
"Commandos Strike Force_is1" = Commandos Strike Force
"Commandos: Hinter feindlichen Linien_is1" = Commandos: Hinter feindlichen Linien
"Commandos: Im Auftrag der Ehre_is1" = Commandos: Im Auftrag der Ehre
"Der Herr der Ringe - Der Krieg im Norden (c) Warner Bros._is1" = Der Herr der Ringe - Der Krieg im Norden (c) Warner Bros. version 1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"GamersFirst LIVE!" = GamersFirst LIVE!
"GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm
"Guild Wars 2" = Guild Wars 2
"LOLReplay" = LOLReplay
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Massive" = Native Instruments Massive
"NCLauncher_GameForge" = NC Launcher (GameForge)
"PunkBusterSvc" = PunkBuster Services
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 10" = Counter-Strike
"Steam App 17570" = Pirates, Vikings, & Knights II
"Steam App 240" = Counter-Strike: Source
"Steam App 41500" = Torchlight
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 440" = Team Fortress 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 1.0.3
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GameCenterMailRu" = Игровой центр@Mail.Ru
"Limbo" = LIMBO
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.10.2012 13:24:53 | Computer Name = Seven-PC | Source = TabletServicePen | ID = 1
Description =
Error - 04.10.2012 12:51:15 | Computer Name = Seven-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: avgtray.exe, Version: 9.0.0.926,
Zeitstempel: 0x4f13ec5a Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001528e ID des fehlerhaften
Prozesses: 0x2dc Startzeit der fehlerhaften Anwendung: 0x01cda2506dafa760 Pfad der
fehlerhaften Anwendung: D:\Programme\AVG\avgtray.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: b53763c0-0e43-11e2-8a26-90e6bae1ce2e
Error - 04.10.2012 13:11:39 | Computer Name = Seven-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 15.0.1.4631 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1444 Startzeit:
01cda25199bceab0 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
8d60d041-0e46-11e2-8a26-90e6bae1ce2e
Error - 04.10.2012 13:14:27 | Computer Name = Seven-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 15.0.1.4631 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 568 Startzeit:
01cda253aeb5d7a4 Endzeit: 10 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
f0ec6715-0e46-11e2-8a26-90e6bae1ce2e
Error - 04.10.2012 14:10:43 | Computer Name = Seven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3B1EFD3A66EA28B16697394703A72CA340A05BD5.crt>.
Fehler: 12007 (0x2ee7).
Error - 04.10.2012 14:10:43 | Computer Name = Seven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3B1EFD3A66EA28B16697394703A72CA340A05BD5.crt>.
Fehler: Diese Netzwerkverbindung ist nicht vorhanden. .
Error - 04.10.2012 14:10:43 | Computer Name = Seven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3B1EFD3A66EA28B16697394703A72CA340A05BD5.crt>.
Fehler: Diese Netzwerkverbindung ist nicht vorhanden. .
Error - 04.10.2012 14:10:43 | Computer Name = Seven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3B1EFD3A66EA28B16697394703A72CA340A05BD5.crt>.
Fehler: Diese Netzwerkverbindung ist nicht vorhanden. .
Error - 04.10.2012 14:42:33 | Computer Name = Seven-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Seven\Downloads\SoftonicDownloader_fuer_audacity.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Error - 04.10.2012 14:42:33 | Computer Name = Seven-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Seven\Downloads\SoftonicDownloader_fuer_easeus-data-recovery-wizard.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
[ System Events ]
Error - 19.08.2012 11:12:32 | Computer Name = Seven-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 19.08.2012 14:26:07 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 19.08.2012 14:26:11 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxeaCATSCustConnectService erreicht.
Error - 19.08.2012 14:26:11 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxeaCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 19.08.2012 14:26:40 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.08.2012 16:32:03 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.08.2012 16:32:07 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxeaCATSCustConnectService erreicht.
Error - 20.08.2012 16:32:07 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxeaCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 20.08.2012 16:32:28 | Computer Name = Seven-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.08.2012 16:34:21 | Computer Name = Seven-PC | Source = DCOM | ID = 10016
Description =
< End of report > --- --- --- |