| Konamalunu | 12.03.2013 21:32 |
Vielen Dank für die Hilfe.
Weil im anderen Thread bei Schritt 1 stand, dass man beim defogger nicht ohne Anweisung des Teams auf re-enable klicken soll, habe ich ihn wärend des Scans offen gelassen. Dazu war noch Antivir geöffnet, allerdings kein Dienst davon aktiviert. Wenn das schlimm ist, wiederhole ich den Scan gerne nochmal.
OTL:
OTL Logfile: Code:
OTL logfile created on: 12.03.2013 21:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konamalunu\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,88 Gb Available Physical Memory | 73,52% Memory free
16,00 Gb Paging File | 14,02 Gb Available in Paging File | 87,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 398,17 Gb Total Space | 309,87 Gb Free Space | 77,82% Space Free | Partition Type: NTFS
Drive D: | 1464,75 Gb Total Space | 1235,93 Gb Free Space | 84,38% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 365,29 Gb Free Space | 39,21% Space Free | Partition Type: NTFS
Drive H: | 517,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KONAMALUNU-PC | User Name: Konamalunu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.12 21:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konamalunu\Desktop\OTL.exe
PRC - [2013.03.12 21:13:21 | 000,050,477 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Defogger.exe
PRC - [2013.02.12 17:49:43 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.12 17:46:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.12 17:46:53 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.26 19:08:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.25 14:10:22 | 000,185,856 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe
PRC - [2011.05.24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.04.26 10:20:48 | 001,101,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2010.12.02 03:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010.11.26 20:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010.10.21 10:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.12 21:13:21 | 000,050,477 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Defogger.exe
MOD - [2012.10.10 12:23:16 | 002,068,504 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2011.03.04 09:33:44 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2009.05.21 09:14:14 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.01.24 14:22:06 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.02.27 23:25:07 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.12 17:49:43 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.12 17:46:54 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.26 19:08:23 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.23 13:17:18 | 000,040,960 | ---- | M] () [Disabled | Stopped] -- C:\Users\Konamalunu\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.09.01 22:44:43 | 000,529,744 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.06.25 14:10:22 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2011.05.24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.12.02 03:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010.10.21 10:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.01.24 14:29:20 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.01.24 14:23:25 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.01.24 14:20:26 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.12.11 16:00:49 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.11 16:00:49 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.01 13:23:58 | 000,021,832 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2012.06.23 10:02:56 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.02 09:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 09:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.01 10:12:24 | 000,097,040 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.02.18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.08.23 23:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.11.01 05:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FF 8D 80 61 6F 45 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&k=0
IE - HKCU\..\SearchScopes\{2C2F11E4-3649-4C87-99A3-103DCF54857D}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{304D693A-4C9A-4488-9393-DEFF34D76366}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{48485533-17A2-49EE-AE43-EE294AE383C0}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{61C99803-57C1-4C8B-9612-9411393EB491}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{6C1BF96A-7E71-4010-B9A0-1DD9E1A5F5AD}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{9977B9A0-9B93-4AC8-A2C4-16563173DA13}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com.anonymize-me.de/?anonymto=687474703A2F2F6D7973746172742E696E63726564696261722E636F6D2F6D623136372F3F7365617263683D7B7365617263685465726D737D266C6F633D49425F445326613D365051443434657A4A3026693D3236&st={searchTerms}&clid=d61080f9-fba8-4565-b573-56691d99c6bd&pid=nc&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Konamalunu\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Konamalunu\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.10 19:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.10 19:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 12:18:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.12 13:09:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\Konamalunu\AppData\Roaming\Mozilla\Firefox\Profiles\1dcuert9.default\extensions\firejump@firejump.net
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Konamalunu\AppData\Roaming\Mozilla\Firefox\Profiles\orop3g72.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.10 17:05:57 | 000,000,000 | ---D | M]
[2012.07.13 15:55:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\Extensions
[2013.03.08 22:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\Firefox\Profiles\orop3g72.default\extensions
[2013.03.08 22:20:18 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\Firefox\Profiles\orop3g72.default\extensions\ich@maltegoetz.de
[2012.09.24 16:05:25 | 000,110,795 | ---- | M] () (No name found) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\firefox\profiles\orop3g72.default\extensions\extension@preispilot.com.xpi
[2013.02.24 18:42:28 | 000,171,863 | ---- | M] () (No name found) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\firefox\profiles\orop3g72.default\extensions\jid0-hyjN250ZzTOOX3evFwwAQBxE4ik@jetpack.xpi
[2013.02.14 20:26:45 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Konamalunu\AppData\Roaming\mozilla\firefox\profiles\orop3g72.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.23 13:17:21 | 000,001,862 | ---- | M] () -- C:\Users\Konamalunu\AppData\Roaming\mozilla\firefox\profiles\orop3g72.default\searchplugins\{91BA3FEC-25B1-4C00-AA0D-ED3CA4A9EA93}.xml
[2013.03.08 12:18:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.08 12:18:49 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.11 17:32:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.11 17:32:36 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.11 17:32:36 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.11 17:32:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.11 17:32:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.11 17:32:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\Application\25.0.1364.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.462_0\npbrowserext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Konamalunu\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Proxy Switchy! = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\
CHR - Extension: Adblock Plus = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Web Assistant = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.462_0\
CHR - Extension: BugMeNot Lite = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb\0.3.10_0\
CHR - Extension: Settings Protector = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Steins; Gate Theme2 = C:\Users\Konamalunu\AppData\Local\Google\Chrome\User Data\Default\Extensions\plddppaedppoghagchoehpmpojfmjlnf\2_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\bh\claro.dll (Montera Technologeis LTD)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.6.4.1\claroTlbr.dll (Montera Technologeis LTD)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48873A86-FFE5-4F3E-87C6-7F4D6A8CC7A2}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\utilman.exe: Debugger - C:\Windows\SysNative\cmd.exe (Microsoft Corporation)
O27 - HKLM IFEO\utilman.exe: Debugger - C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1998.08.19 13:07:30 | 000,000,057 | R--- | M] () - H:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{080f2ccb-3628-11e2-b8df-5404a6b5c70d}\Shell - "" = AutoRun
O33 - MountPoints2\{080f2ccb-3628-11e2-b8df-5404a6b5c70d}\Shell\AutoRun\command - "" = G:\CMADownloader.exe
O33 - MountPoints2\{3458ea85-b211-11e1-b3c5-5404a6b5c70d}\Shell - "" = AutoRun
O33 - MountPoints2\{3458ea85-b211-11e1-b3c5-5404a6b5c70d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d3a7e59e-bd04-11e1-948e-5404a6b5c70d}\Shell - "" = AutoRun
O33 - MountPoints2\{d3a7e59e-bd04-11e1-948e-5404a6b5c70d}\Shell\AutoRun\command - "" = H:\LAUNCHER\Launcher.exe -- [1999.01.05 17:57:48 | 001,810,944 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.12 21:16:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Konamalunu\Desktop\OTL.exe
[2013.03.12 19:50:19 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\Prozess Monitor
[2013.03.12 13:09:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.12 12:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.03.12 12:56:12 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\Malwarebytes
[2013.03.12 12:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.12 12:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.12 12:55:58 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.12 12:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.12 12:41:55 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\Skype
[2013.03.12 12:41:45 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.12 12:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.12 12:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.11 20:51:33 | 000,000,000 | RHSD | C] -- C:\Users\Konamalunu\S-80-5421-8975-4765
[2013.03.11 20:03:23 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Documents\Amazon MP3
[2013.03.11 20:03:23 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\Amazon
[2013.03.11 20:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.03.11 20:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2013.03.10 14:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
[2013.03.09 21:59:01 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\SimCity 2000 portable
[2013.03.09 21:30:08 | 000,000,000 | RH-D | C] -- C:\Users\Konamalunu\AppData\Roaming\SecuROM
[2013.03.08 15:12:10 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\Logo
[2013.03.08 12:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.03 12:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\NetSpeedMonitor
[2013.03.02 13:06:56 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Documents\ManiaPlanet
[2013.03.02 13:05:33 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.03.02 13:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet
[2013.03.02 13:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ManiaPlanet
[2013.02.27 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\VX_CONVERSIONS
[2013.02.27 13:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Character Hub
[2013.02.26 12:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Bohemia Interactive Studio
[2013.02.25 15:37:59 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Local\dxhr
[2013.02.25 15:36:59 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Documents\ALI213
[2013.02.25 15:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square Enix
[2013.02.21 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.02.21 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.02.21 17:35:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.02.21 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2013.02.19 20:39:38 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\Take Care, Take Care, Take Care (2011)
[2013.02.13 21:55:05 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\Desktop\Hybris-Rebirth Gold
[2013.02.11 22:11:08 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.02.11 22:11:08 | 000,000,000 | ---D | C] -- C:\Users\Konamalunu\AppData\Roaming\Adobe Mini Bridge CS5.1
========== Files - Modified Within 30 Days ==========
[2013.03.12 21:18:00 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1385461645-692334142-1717871527-1000UA.job
[2013.03.12 21:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Konamalunu\Desktop\OTL.exe
[2013.03.12 21:14:35 | 000,000,168 | ---- | M] () -- C:\Users\Konamalunu\defogger_reenable
[2013.03.12 21:13:21 | 000,050,477 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Defogger.exe
[2013.03.12 21:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.12 12:56:00 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.12 12:41:45 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.03.12 12:25:00 | 000,015,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 12:25:00 | 000,015,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.12 12:24:34 | 001,699,070 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.12 12:24:34 | 000,741,246 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.12 12:24:34 | 000,665,454 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.12 12:24:34 | 000,161,870 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.12 12:24:34 | 000,133,280 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.12 12:18:37 | 000,000,000 | -H-- | M] () -- C:\Users\Konamalunu\AppData\Roaming\winsvcns.sys
[2013.03.12 12:17:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.12 12:17:25 | 2146,783,231 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.11 21:00:05 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.11 21:00:05 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.11 20:59:53 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.11 14:57:54 | 012,531,264 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Xylit.psd
[2013.03.11 13:58:43 | 021,858,132 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Kokosblütenzucker-alt.psd
[2013.03.11 13:44:53 | 000,000,132 | ---- | M] () -- C:\Users\Konamalunu\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.03.10 14:53:34 | 000,000,704 | ---- | M] () -- C:\Users\Konamalunu\Desktop\SIMCITY3000.mds
[2013.03.06 11:18:01 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1385461645-692334142-1717871527-1000Core.job
[2013.03.02 13:05:32 | 000,000,693 | ---- | M] () -- C:\Users\Public\Desktop\ManiaPlanet.lnk
[2013.02.27 13:36:22 | 000,011,626 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Ciel.png
[2013.02.27 13:16:19 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Game Character Hub.lnk
[2013.02.26 15:54:47 | 000,000,751 | ---- | M] () -- C:\Users\Konamalunu\Desktop\pcsx2-r5576 - Verknüpfung.lnk
[2013.02.21 20:27:30 | 000,001,123 | ---- | M] () -- C:\Users\Konamalunu\Desktop\Antichamber.lnk
[2013.02.16 19:48:03 | 000,001,682 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
========== Files Created - No Company Name ==========
[2013.03.12 21:14:35 | 000,000,168 | ---- | C] () -- C:\Users\Konamalunu\defogger_reenable
[2013.03.12 21:13:20 | 000,050,477 | ---- | C] () -- C:\Users\Konamalunu\Desktop\Defogger.exe
[2013.03.12 12:56:00 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.12 12:41:45 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.03.11 20:51:38 | 000,000,000 | -H-- | C] () -- C:\Users\Konamalunu\AppData\Roaming\winsvcns.sys
[2013.03.11 14:32:22 | 012,531,264 | ---- | C] () -- C:\Users\Konamalunu\Desktop\Xylit.psd
[2013.03.11 13:58:41 | 021,858,132 | ---- | C] () -- C:\Users\Konamalunu\Desktop\Kokosblütenzucker-alt.psd
[2013.03.10 14:51:20 | 000,000,704 | ---- | C] () -- C:\Users\Konamalunu\Desktop\SIMCITY3000.mds
[2013.03.02 13:05:32 | 000,000,693 | ---- | C] () -- C:\Users\Public\Desktop\ManiaPlanet.lnk
[2013.02.27 13:35:22 | 000,011,626 | ---- | C] () -- C:\Users\Konamalunu\Desktop\Ciel.png
[2013.02.27 13:16:19 | 000,000,736 | ---- | C] () -- C:\Users\Public\Desktop\Game Character Hub.lnk
[2013.02.26 15:54:47 | 000,000,751 | ---- | C] () -- C:\Users\Konamalunu\Desktop\pcsx2-r5576 - Verknüpfung.lnk
[2013.02.21 20:27:30 | 000,001,123 | ---- | C] () -- C:\Users\Konamalunu\Desktop\Antichamber.lnk
[2012.12.26 12:33:07 | 000,020,289 | ---- | C] () -- C:\Windows\SysWow64\KmSNMPIF.ini
[2012.12.26 12:32:49 | 000,000,027 | ---- | C] () -- C:\Windows\EZSET_SP.INI
[2012.12.26 12:32:25 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\KmTwain.ini
[2012.10.28 11:06:53 | 000,000,056 | RHS- | C] () -- C:\Windows\SysWow64\C376C76F9C.sys
[2012.10.28 11:06:49 | 000,001,682 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012.10.22 18:06:11 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\RGSS104J.dll
[2012.10.22 18:06:11 | 000,758,272 | ---- | C] () -- C:\Windows\SysWow64\RGSS104E.dll
[2012.10.22 18:06:11 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2012.10.20 20:51:03 | 000,000,132 | ---- | C] () -- C:\Users\Konamalunu\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012.10.19 14:19:37 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2012.10.19 14:19:36 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2012.10.19 14:19:36 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2012.09.23 13:20:33 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012.09.09 18:49:46 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.07.24 13:01:39 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012.07.14 10:44:38 | 001,672,414 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.06 14:52:48 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.06.24 20:49:51 | 000,000,132 | ---- | C] () -- C:\Users\Konamalunu\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.06.09 00:12:02 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012.06.09 00:11:52 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012.06.08 22:22:08 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.06.08 22:22:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.06.08 12:59:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.08 12:32:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.08 12:32:09 | 000,027,128 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.02.15 03:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 03:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.02.03 15:37:05 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\.minecraft
[2013.03.11 20:03:23 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Amazon
[2012.09.07 17:31:30 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Auslogics
[2012.09.06 15:05:41 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Awesomium
[2012.08.13 20:43:03 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Babylon
[2012.08.13 20:44:50 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\BabylonToolbar
[2012.06.27 13:51:58 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Cobalt
[2012.07.08 14:46:06 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\DAEMON Tools Lite
[2012.06.08 12:45:10 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\DAEMON Tools Pro
[2012.09.23 13:17:28 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\DesktopIconForAmazon
[2012.06.10 16:21:32 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Downloaded Installations
[2012.11.03 12:07:07 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\DVDVideoSoft
[2012.10.21 10:11:16 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Enterbrain
[2013.01.19 12:53:13 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\LolClient
[2012.08.13 10:36:26 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\MAGIX
[2013.01.18 20:34:05 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\MotioninJoy
[2012.09.23 13:17:18 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\OCS
[2012.09.23 13:17:21 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Opera
[2012.11.30 16:31:43 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Origin
[2012.11.18 12:18:01 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\pdfforge
[2012.06.27 19:25:05 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\six-updater
[2012.06.27 19:24:20 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\six-zsync
[2013.02.13 11:35:20 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Spotify
[2013.02.11 22:11:08 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.06.25 21:45:14 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Subversion
[2012.07.11 17:49:19 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\TestApp
[2012.06.25 19:08:00 | 000,000,000 | ---D | M] -- C:\Users\Konamalunu\AppData\Roaming\Thunderbird
========== Purity Check ==========
========== Files - Unicode (All) ==========
(C:\Users\Konamalunu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???) -- C:\Users\Konamalunu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\惰眠ズ
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????·????~) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\とらぶる・だいあり~
========== Alternate Data Streams ==========
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 12.03.2013 21:17:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Konamalunu\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,88 Gb Available Physical Memory | 73,52% Memory free
16,00 Gb Paging File | 14,02 Gb Available in Paging File | 87,64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 398,17 Gb Total Space | 309,87 Gb Free Space | 77,82% Space Free | Partition Type: NTFS
Drive D: | 1464,75 Gb Total Space | 1235,93 Gb Free Space | 84,38% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 365,29 Gb Free Space | 39,21% Space Free | Partition Type: NTFS
Drive H: | 517,11 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: KONAMALUNU-PC | User Name: Konamalunu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Konamalunu\S-80-5421-8975-4765\winmgr.exe" = C:\Users\Konamalunu\S-80-5421-8975-4765\winmgr.exe:*:Enabled:Microsoft Windows Manager
"C:\Users\Konamalunu\S-80-5421-8975-4765\winmgr.exe" = C:\Users\Konamalunu\S-80-5421-8975-4765\winmgr.exe:*:Enabled:Microsoft Windows Manager
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004C0EBC-FCD4-4C12-A0B9-7EE2C40E3772}" = lport=10243 | protocol=6 | dir=in | app=system |
"{01F7F450-5F14-4133-B9E5-D36FD4B2F9C6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{02F27E51-1C87-42FD-A647-BB9876397E1E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0A630C24-7C19-4EE9-BCEA-A2E6AFE7B3E4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CAF1196-E541-4A42-B3B5-C6DDA06731C9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1E152EFC-036F-4A44-A886-4A85AFFF9277}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F277464-F395-422B-949E-341D68045441}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2198FD26-3771-4D25-84B4-4693052D4898}" = lport=137 | protocol=17 | dir=in | app=system |
"{424CCCD8-5BD6-4A87-BB81-EDA471015F9B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44820341-0CF1-4A09-9B94-3EE6BD96ECC7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{471C4E13-4BB0-49F9-B5AB-F588D29E9488}" = rport=10243 | protocol=6 | dir=out | app=system |
"{48D50BFE-B54A-49C3-B697-34990CA2F67B}" = lport=138 | protocol=17 | dir=in | app=system |
"{4BF646B9-9D3E-4FA6-8EC9-F9AE383DF629}" = rport=445 | protocol=6 | dir=out | app=system |
"{4F201B65-56BE-4356-A6B2-4288FA5FD56D}" = rport=139 | protocol=6 | dir=out | app=system |
"{601046DE-197E-4B38-BC62-A002DA5F0F7D}" = lport=445 | protocol=6 | dir=in | app=system |
"{7501A97D-455A-46C4-ADCF-7342D6F19EAA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7CCD3B8F-F0ED-46A2-9478-A999FB05ACB3}" = rport=137 | protocol=17 | dir=out | app=system |
"{9D4F4411-96D7-4AF9-9E14-2045FE21E78B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B36D53E3-0676-4CDE-B40A-0B24A4AB7520}" = rport=138 | protocol=17 | dir=out | app=system |
"{CC361FA4-FEF9-4974-91CD-6DF3D052BF60}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0F1620A-B448-4A5F-B8A9-FC8A7392D086}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1E56E66-C73E-4ECD-B99C-36CA3CE3110C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F9B96FBD-D57A-4563-B2DF-C859DED40BBC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11C82FAB-7D2E-41C2-9F38-EDCF5867D553}" = protocol=6 | dir=out | app=system |
"{252DE789-EB40-430D-81DE-E1F1C839D3CF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{275F7D2D-60AB-487F-866C-03127A6962A5}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman2\runlauncher.bat |
"{2E7C0545-1301-4EF3-8B7C-4AC1E27B8CA5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3B1342ED-DBD1-4631-9292-DE7790DA5C60}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4BD0804F-F7E3-4929-AF5B-3DB82E48BB4A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FD43BC9-7CA6-493E-B671-5002A29060E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FDDC508-44E9-4E79-9EBD-6C8956CEA0A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{528DE895-C6F3-460F-8C2C-00859637BC0C}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\battlefield 3\bf3.exe |
"{54EFC5FC-3552-44E1-B3BB-A067E1C258AD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5899014B-5692-4299-ABF7-313AB30F42AE}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hydrophobia\hydropc.exe |
"{5E88CEFC-7149-42F9-833F-FAEBB171C67C}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman2\runlauncher.bat |
"{601EAE81-CA03-4755-A955-AE3070E9B4CB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{6055CC90-58FC-4C53-9638-F7B7C96B5C5E}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{62F79B3E-FFB9-4328-A4C4-BD1B8D9E6B67}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6B099C8E-F565-4720-A0DF-060247845B2A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{751AC770-0174-420A-B799-3F0107369299}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{77E342BA-EE31-4338-B1FC-9F804C87661D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7D0CA108-D188-45D0-A111-72CD6BFFDA11}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{80999366-3975-4ACA-917C-B815D7EB4610}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82CE1EDF-6205-434B-A7F9-2D0375CBBC04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{89834CAF-8A7F-4102-9021-A45401C5358C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89E8F766-0799-4863-A99F-DFDD88939270}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F7A4994-32F0-4085-A031-A50763060512}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{95096F77-8002-4827-BB53-03C4E9285A87}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\batman2\binaries\win32\batmanac.exe |
"{A2783EC8-0140-4B25-8563-3E4C051482A6}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{A3118A3D-3A43-4FFB-86DA-9C7BA4963997}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AB2B02C2-2FC1-461E-9CA0-AC2362376B1A}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{B1456678-F7EA-4081-B0BE-A8E27D7C872E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B39DB2D0-1C36-4197-9969-0DB99255A786}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C0AF8AEF-DC9C-466B-ACC8-4FF277CE4153}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C8124D44-9162-4768-AB2F-6949B1C21AF5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D5C95D23-BEE2-4F4A-9DEF-8F20ADFE6A46}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9AA3A6E-A12B-4E79-9E3C-2859A392E531}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E3868E09-23BD-4F57-9464-3D63ABAC2BD9}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\battlefield 3\battlefield 3\bf3.exe |
"{F90EA150-2E59-4899-9EDC-B43EE50C17C6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F9381B0C-EFBB-4290-A536-3754CEB7CA3D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FC096C0B-9B97-4661-A5D4-7634756C2C51}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FC54C3E9-CC48-4BEE-8719-EAA057E270A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE4AF769-66DC-47A7-AEEA-99AD9464A702}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\hydrophobia\hydropc.exe |
"TCP Query User{02E190FB-5AA3-4D08-AD96-E49C89D9EFB4}F:\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=f:\far cry 2\bin\farcry2.exe |
"UDP Query User{0812A3A2-4F4E-4C16-9706-CF146FB80026}F:\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=f:\far cry 2\bin\farcry2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.462
"{4371D69B-FB6A-4A61-8477-C1B919FB2311}" = TortoiseSVN 1.7.7.22907 (64 bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"DesktopIconAmazon" = Desktop Icon für Amazon
"KMnet Viewer" = KMnet Viewer
"Kyocera Product Library" = Kyocera Product Library
"SearchAnonymizer" = SearchAnonymizer
"UDK-adafddc3-f456-4ba8-9699-6e63c19ae0a9" = My Game Long Name
"UDK-e102c087-45e1-4ae2-8f0c-71890b16a345" = My Game Long Name
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{014CE100-0A6D-4E45-BC93-A867127AEAFC}" = Battle Raper 2
"{02C2B318-E2DF-4EC4-AD1B-9FF3DD774A04}" = MAGIX Video deluxe MX Plus
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0578A699-51A3-453B-B3F7-433EFD189942}" = ILLUSION プレミアムプレイ
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D5DD424-A25E-47EC-A68D-EC7C646517EE}" = MAGIX Screenshare
"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19661D1F-932A-4845-A562-10907870E8D1}_is1" = ILLUSION Sexy Beach ZERO
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1AB16B10-3B55-499E-9918-5527DD082C6D}" = ILLUSION 人工少女2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224E185A-DCC7-45C5-B04D-77E6CE82D83E}_is1" = tConfig version 0.23.8
"{28E3D4C3-5ADA-4016-AA92-0238FE2BCF07}" = ILLUSION ぐらびあビーチ
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{315378D5-9574-4BD6-A197-BF8A146E3330}" = ILLUSION Sexyフラッシュ
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = piaip AppLocale
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}" = ILLUSION ジンコウガクエン きゃらめいく
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{629321C7-65DC-4F59-BB36-32740D228A94}" = TEdit 3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6A56B2F6-5F4F-4FC5-8508-3EDA1D048744}" = MAGIX Speed burnR (MSI)
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D6C511F-10D4-4635-B6CC-26E4ADF264E4}" = ネトワクネトラル カレマチカノジョ
"{6F740E3C-B7B6-4FC9-A9C6-003CC4CF55FF}" = ILLUSION ハッピーエンドトリガー
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{7B581FC8-F0BA-4D21-9623-726AAF055415}_is1" = Dead or Alive ONLINE version 2
"{7D2BB311-B61D-45D6-A4D7-F11FDAD8F19C}_is1" = Uninstall Yuusha
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1" = HF pAppLoc version 1.0
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0B447F-7E14-4BB9-BCFE-1D5C06F7EE35}" = Artificial Girl 3
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A87A837F-413C-4F03-BEF1-6ACC45E20821}" = ILLUSION ラブガール~魅惑の個人レッスン~
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{AF2B1B36-F036-4FDE-BD2C-453FA46B59EC}_is1" = Digital Trigger Lite version 1.0
"{B22C5250-4C70-4B95-B834-87D50E3EC082}_is1" = Game Character Hub version 2.0b
"{B633DACE-2401-4AA7-B8E1-3C4BD70C35BA}" = バーチャルストーカー
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7DD4B24-3DA7-46D6-94F2-6E2249A04585}" = らぶギア
"{BC980840-FC67-4027-9055-251136406614}_is1" = School Mate 2
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C0C9C3D1-D104-41D8-B58E-DC49D46CB369}" = Kyocera TWAIN Driver
"{C109AF5B-69D0-4C93-B360-F28D9FAB6084}" = ILLUSION ジンコウガクエン
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{CA31F991-DBD2-4DE1-B6D2-30105F23CBBC}" = RapeLay
"{CF55095E-07AA-432E-8376-CEF71D70746A}_is1" = Vampires Dawn: Reign of Blood
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DFAA1F4D-5653-48FE-8330-5DEAF57F8415}" = 恋愛+H
"{E0DF029C-DB59-4F90-A0E0-53690B269384}" = 放課後かすたむ☆たいむ
"{E16EF35A-4E99-4E6F-B54F-48D420660700}" = ILLUSION FIELD -幻影現実-
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E500DF84-3A0A-4989-93C2-D33B935008C1}" = Inhaltsmanager-Assistent für PlayStation(R)
"{F097D303-BC25-4FD9-B046-CAB4641DF0A5}" = 肉体契約書
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FB16C8A2-4967-41E2-81EF-57E0A4BF208C}" = 修羅恋~SeeYouLover~
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"××な彼女のつくりかた2" = ××な彼女のつくりかた2
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye A2 Free" = BattlEye (A2Free) Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"claro" = Claro LTD toolbar on IE
"Cobalt" = Cobalt
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"FL Studio 10" = FL Studio 10
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Free Audio Converter_is1" = Free Audio Converter version 5.0.20.1031
"Game Booster_is1" = Game Booster 3
"Hamachi" = Hamachi 1.0.1.5
"IL Download Manager" = IL Download Manager
"InstallShield_{C0C9C3D1-D104-41D8-B58E-DC49D46CB369}" = Kyocera TWAIN Driver
"Little Fighter 2 version 2.0a" = Little Fighter 2 version 2.0a
"MAGIX_MSI_Videodeluxe18_plus" = MAGIX Video deluxe MX Plus
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"ManiaPlanet_is1" = ManiaPlanet
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"RPGVXAce_E_is1" = RPG MAKER VX Ace
"RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Sexy Beach 3 - Complete English Edition" = Sexy Beach 3 - Complete English Edition (remove only)
"SimCity 3000" = SimCity 3000
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 107400" = ARMA 2: Free
"Steam App 17410" = Mirror's Edge
"Steam App 203160" = Tomb Raider
"Steam App 203810" = Dear Esther
"Steam App 205100" = Dishonored
"Steam App 207350" = Ys Origin
"Steam App 211260" = They Bleed Pixels
"Steam App 220440" = DmC Devil May Cry
"Steam App 22350" = BRINK
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 49520" = Borderlands 2
"Steam App 57400" = Batman: Arkham City™
"Steam App 92000" = Hydrophobia: Prophecy
"Steam App 9860" = The Chronicles of Riddick: Assault on Dark Athena
"Terraria Game Launcher GUI_is1" = Terraria Game Launcher GUI version 1.3
"The Void_is1" = The Void
"Uplay" = Uplay
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"YTdetect" = Yahoo! Detect
"いたずらっ娘~うちの娘にかぎって~" = いたずらっ娘~うちの娘にかぎって~
"かすたむアイドロイドAi" = かすたむアイドロイドAi
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"Google Chrome" = Google Chrome
"SOE-C:/Users/Konamalunu/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
"SOE-D:/Spiele/Planet Side 2" = gamelauncher-ps2-psg
"soe-PlanetSide 2 PSG" = PlanetSide 2
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.02.2013 10:57:30 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DMC-DevilMayCry.exe, Version: 0.0.0.0,
Zeitstempel: 0x50fffc71 Name des fehlerhaften Moduls: DMC-DevilMayCry.exe, Version:
0.0.0.0, Zeitstempel: 0x50fffc71 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002cad52
ID
des fehlerhaften Prozesses: 0xcc0 Startzeit der fehlerhaften Anwendung: 0x01ce01555320ec3c
Pfad
der fehlerhaften Anwendung: D:\Program Files (x86)\Steam\steamapps\common\DmC Devil
May Cry\Binaries\Win32\DMC-DevilMayCry.exe Pfad des fehlerhaften Moduls: D:\Program
Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
Berichtskennung:
dd35f8af-6d48-11e2-894e-5404a6b5c70d
Error - 02.02.2013 15:04:40 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.1.0.0,
Zeitstempel: 0x4d90d339 Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161,
Zeitstempel: 0x4dace4e7 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000042686
ID
des fehlerhaften Prozesses: 0xcf8 Startzeit der fehlerhaften Anwendung: 0x01ce0172f2399bde
Pfad
der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\Photoshop.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll
Berichtskennung:
64d4aad2-6d6b-11e2-894e-5404a6b5c70d
Error - 12.02.2013 13:34:28 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses:
0x440 Startzeit der fehlerhaften Anwendung: 0x01ce094152f6a55d Pfad der fehlerhaften
Anwendung: D:\Program Files (x86)\Origin Games\Battlefield 3\Battlefield 3\bf3.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 72edd636-753a-11e2-8b7a-5404a6b5c70d
Error - 20.02.2013 13:02:48 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BattleRaper2.exe, Version: 0.0.0.0,
Zeitstempel: 0x423bcc03 Name des fehlerhaften Moduls: BattleRaper2.exe, Version:
0.0.0.0, Zeitstempel: 0x423bcc03 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000cee31
ID
des fehlerhaften Prozesses: 0x9e4 Startzeit der fehlerhaften Anwendung: 0x01ce0f8c1070911d
Pfad
der fehlerhaften Anwendung: D:\Spiele\H-Games\Illusion\Battle Raper\BattleRaper2.exe
Pfad
des fehlerhaften Moduls: D:\Spiele\H-Games\Illusion\Battle Raper\BattleRaper2.exe
Berichtskennung:
5a106d71-7b7f-11e2-af3a-5404a6b5c70d
Error - 20.02.2013 13:03:22 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BattleRaper2.exe, Version: 0.0.0.0,
Zeitstempel: 0x423bcc03 Name des fehlerhaften Moduls: BattleRaper2.exe, Version:
0.0.0.0, Zeitstempel: 0x423bcc03 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000cee31
ID
des fehlerhaften Prozesses: 0x1198 Startzeit der fehlerhaften Anwendung: 0x01ce0f8c2a9881a8
Pfad
der fehlerhaften Anwendung: D:\Spiele\H-Games\Illusion\Battle Raper\BattleRaper2.exe
Pfad
des fehlerhaften Moduls: D:\Spiele\H-Games\Illusion\Battle Raper\BattleRaper2.exe
Berichtskennung:
6e7e10f4-7b7f-11e2-af3a-5404a6b5c70d
Error - 21.02.2013 13:12:12 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CM3D English.exe, Version: 0.1.0.25,
Zeitstempel: 0x4f8e44f8 Name des fehlerhaften Moduls: CM3D English.exe, Version:
0.1.0.25, Zeitstempel: 0x4f8e44f8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001fa61
ID
des fehlerhaften Prozesses: 0x1468 Startzeit der fehlerhaften Anwendung: 0x01ce10568ad441bd
Pfad
der fehlerhaften Anwendung: D:\Spiele\H-Games\KISS\Custom Maid 3-D\CM3D English.exe
Pfad
des fehlerhaften Moduls: D:\Spiele\H-Games\KISS\Custom Maid 3-D\CM3D English.exe
Berichtskennung:
d45ee812-7c49-11e2-8e33-5404a6b5c70d
Error - 21.02.2013 16:13:13 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CM3D English.exe, Version: 0.1.0.25,
Zeitstempel: 0x4f8e44f8 Name des fehlerhaften Moduls: CM3D English.exe, Version:
0.1.0.25, Zeitstempel: 0x4f8e44f8 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001fa61
ID
des fehlerhaften Prozesses: 0x1260 Startzeit der fehlerhaften Anwendung: 0x01ce106fd153ff3c
Pfad
der fehlerhaften Anwendung: D:\Spiele\H-Games\KISS\Custom Maid 3-D\CM3D English.exe
Pfad
des fehlerhaften Moduls: D:\Spiele\H-Games\KISS\Custom Maid 3-D\CM3D English.exe
Berichtskennung:
1e69d56a-7c63-11e2-8e33-5404a6b5c70d
Error - 12.03.2013 07:23:10 | Computer Name = Konamalunu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 9145429319.exe, Version: 3.3.8.1,
Zeitstempel: 0x513eee30 Name des fehlerhaften Moduls: 9145429319.exe, Version: 3.3.8.1,
Zeitstempel: 0x513eee30 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000a6a7 ID des fehlerhaften
Prozesses: 0xf7c Startzeit der fehlerhaften Anwendung: 0x01ce1f135c6d9aa0 Pfad der
fehlerhaften Anwendung: C:\Users\Konamalunu\AppData\Local\Temp\9145429319.exe Pfad
des fehlerhaften Moduls: C:\Users\Konamalunu\AppData\Local\Temp\9145429319.exe Berichtskennung:
3801393d-8b07-11e2-9033-5404a6b5c70d
Error - 12.03.2013 07:57:34 | Computer Name = Konamalunu-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Konamalunu\Downloads\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 12.03.2013 14:50:07 | Computer Name = Konamalunu-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Konamalunu\Downloads\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ System Events ]
Error - 09.01.2013 11:38:47 | Computer Name = Konamalunu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 09.01.2013 11:39:19 | Computer Name = Konamalunu-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
Error - 09.01.2013 11:39:50 | Computer Name = Konamalunu-PC | Source = DCOM | ID = 10016
Description =
Error - 09.01.2013 11:39:54 | Computer Name = Konamalunu-PC | Source = DCOM | ID = 10016
Description =
Error - 10.01.2013 11:36:01 | Computer Name = Konamalunu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 10.01.2013 11:36:49 | Computer Name = Konamalunu-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
Error - 10.01.2013 11:37:03 | Computer Name = Konamalunu-PC | Source = DCOM | ID = 10016
Description =
Error - 10.01.2013 11:37:39 | Computer Name = Konamalunu-PC | Source = DCOM | ID = 10016
Description =
Error - 11.01.2013 11:35:56 | Computer Name = Konamalunu-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Browser Manager" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 11.01.2013 11:36:58 | Computer Name = Konamalunu-PC | Source = DCOM | ID = 10016
Description =
< End of report >
--- --- ---
Merkwürdigerweise muss ich feststellen, dass der Virus nichts mehr tut. Eventuell ist er sogar komplett weg. Mögliche Ursache könnte Malwarebytes sein, da es ein Update machte (ohne das ich es bemerkte, aber dass ist wohl nicht sonderlich wichtig) und den Virus selbst besiegen konnte. 100 Prozent sicher bin ich mir natürlich nicht, der Virus könnte auch blos so tun, als wäre er weg, um mit der neusten Version als Spybot zu arbeiten.
Ich wollte das nur gesagt haben. Sämtliche Virenscanner erkennen nichts mehr (Antivir und Malwarebytes).
Merkwürdigerweise muss ich feststellen, dass der Virus nichts mehr tut. Eventuell ist er sogar komplett weg. Mögliche Ursache könnte Malwarebytes sein, da es ein Update machte (ohne das ich es bemerkte, aber dass ist wohl nicht sonderlich wichtig) und den Virus selbst besiegen konnte. 100 Prozent sicher bin ich mir natürlich nicht, der Virus könnte auch blos so tun, als wäre er weg, um mit der neusten Version als Spybot zu arbeiten.
Ich wollte das nur gesagt haben. Sämtliche Virenscanner erkennen nichts mehr (Antivir und Malwarebytes). |
AdwCleaner auf deinen Desktop.
Malwarebytes Anti-Malware 
WARNUNG an die MITLESER: 
