Is there a virus infection present?
I am currently unsure whether my computer is clean. In any case, it is running slower than it normally does =/
Code:
OTL Extras logfile created on: 30.03.2013 13:37:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,98 Gb Total Physical Memory | 14,27 Gb Available Physical Memory | 89,34% Memory free
31,95 Gb Paging File | 30,09 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 21,10 Gb Free Space | 18,89% Space Free | Partition Type: NTFS
Drive D: | 630,24 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 100,00 Mb Total Space | 65,84 Mb Free Space | 65,84% Space Free | Partition Type: NTFS
Drive G: | 931,41 Gb Total Space | 372,08 Gb Free Space | 39,95% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1452A6D2-D8DC-49E2-90D3-C3280D59A53D}" = lport=138 | protocol=17 | dir=in | app=system |
"{2074BA0E-124D-4E81-A93E-CC5049BF8399}" = rport=139 | protocol=6 | dir=out | app=system |
"{39B7D0D9-992F-468A-94E0-5C920C18A8B1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3BB397B4-96F1-4BB0-A63B-9CBA3D00E700}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F50C8AE-B4E2-4AD6-AE4D-7C5A4D50F48C}" = rport=445 | protocol=6 | dir=out | app=system |
"{540CAE1D-BE9E-4FB3-96D6-284AAF902FC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B0AC2A0-AE21-40EB-A28B-41016D9BF60F}" = lport=139 | protocol=6 | dir=in | app=system |
"{5C960D43-D1B0-4542-85C6-0010DC729EEB}" = lport=445 | protocol=6 | dir=in | app=system |
"{65B210C9-7145-48A3-8944-581FA5D2F775}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6C35C6DD-43A4-4CED-94DE-2F1050AD6C52}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70617BF2-58EC-426F-B092-8B6C80C2B6F5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{830A57C5-B709-4134-8614-9893A8F34298}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{847545C4-95E9-440A-828E-5EA1A1BC5C33}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{86D067DC-50CE-4765-BBE9-0536AB230DFD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9A4BB342-DE35-42FA-BD34-B53315EC9EAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A61A9034-A6DF-4B18-A1A8-4CAE00728D60}" = lport=137 | protocol=17 | dir=in | app=system |
"{AEDB7691-0F95-460C-A35D-791029B58732}" = rport=137 | protocol=17 | dir=out | app=system |
"{C19D44FA-3D69-4676-8DF4-4693D503CC01}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E829CAC8-C89D-4AE4-AA71-28BCA5540D45}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F95F6FB9-4492-4E0E-B24F-57BB5E3E26B4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF8F7EB5-2E54-4C7D-B3DB-839DD1838DA9}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AF1B38-3AE0-4EC5-A26A-3785EF5CC937}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{0214BD04-A61A-4B17-AD63-E25ED1D2EAAB}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steam.exe |
"{026C403D-2DE8-4C6B-BB96-08801D7EA753}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{07002F48-CF80-415D-923A-DCBA63D99A9C}" = protocol=17 | dir=in | app=g:\games\fc3\bin\fc3updater.exe |
"{0D291349-97B5-44FD-B583-8C5D6AABF828}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\magicka\magicka.exe |
"{0DC84828-2193-4F1E-85B4-C69C8DD9A3A7}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{111C8314-04B6-4B52-A055-171F7C1CB4AF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{145A4111-131E-489D-BAFA-C1658981D40F}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{1589BE9D-70A3-49D4-8463-E5666CF2C8C3}" = protocol=17 | dir=in | app=g:\program files (x86)\vivox\c3\c3.exe |
"{17FFCE2C-1089-43C7-B1E5-E1DC2E8DD597}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 3\arma3.exe |
"{1F3CA22B-1FEE-4DC0-A6F0-154EB9CC51D3}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{25CEDEAB-92BC-435E-9BE1-711403E96745}" = protocol=17 | dir=in | app=g:\games\diablo iii\diablo iii.exe |
"{26434D25-38A5-4572-BC6A-3C9699CA3F4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27AE3357-8FA2-4F4D-B1F8-46D399E2EE96}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\dota 2 beta\dota.exe |
"{27F6FD26-785A-4453-9DE1-FC045C236A50}" = protocol=6 | dir=in | app=g:\games\diablo iii\diablo iii.exe |
"{2949C427-68A0-49E3-AD56-07CD7534DE69}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2\arma2.exe |
"{29B85969-91C0-4603-825B-E62530AAC0A4}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe |
"{2B07B61B-4F28-46A0-A5FB-38B93CBC5C8B}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{2B0FE247-764F-4991-82A0-F4F0B3A450BD}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{2F3A4D74-20FD-4F96-A5D4-8707F015C8D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{31323E6C-935B-4885-BC0D-6B09EEF9BAE4}" = protocol=17 | dir=in | app=g:\games\fc3\bin\fc3editor.exe |
"{32534EA7-D487-4400-AFEC-0B689C6AE654}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{326BD33E-0864-41CE-954E-E90FBAFCCBD8}" = protocol=17 | dir=in | app=g:\games\fc3\bin\farcry3_d3d11.exe |
"{327723C8-5B23-4568-9F55-D17AE075192D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{3A0762DD-D2C4-405C-8363-6F6B0D0246DC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3D2DDB28-4AB4-48A4-9BC8-A1F8EF1F2B1E}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 3 alpha lite\arma3demo.exe |
"{3E7131BE-2B5B-4D26-9545-F2DE2462783F}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steam.exe |
"{40E186AD-8710-43F9-B89F-F3ABF4F9B15E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{40E414EC-429C-445D-8895-082B13E8B332}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{43B190D4-78BA-4579-A81F-012421258ED8}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{447F25A9-CBBA-4318-A80F-E287163D51E2}" = dir=in | app=g:\program files (x86)\the war z\warz.exe |
"{450353D7-77A6-4DE7-B679-76929556C366}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47003DE7-F59B-42DD-8A29-5909C5A344FE}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{47BDCC1F-515A-4EBF-8D03-182F9A0384D4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{4A8CE146-DDB2-4956-8E56-09A18A598339}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{4BE192C4-8384-4A74-97F6-18675021F85C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4F906F4D-2362-4040-B93D-536794DE1CFC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{5BCAB434-8734-489B-BECB-E0C4F3B92B72}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{5CDA4351-B725-43C9-9D09-D7A1A97EAF21}" = protocol=6 | dir=in | app=g:\games\fc3\bin\farcry3.exe |
"{5D7E3B89-2194-4B79-B3AB-0B30A23509E0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{5F2B2123-C634-4348-963A-975F40C8AC84}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe |
"{62040EDB-2BF5-4BAE-84D8-DEEB6C1045A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64009B28-5724-4884-A075-63459B582265}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{66D09370-0383-4680-B3F0-29AE9DCAC59E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{678E6437-00E5-4B4C-9461-E58EA7306984}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\dota 2 beta\dota.exe |
"{68A3DE2B-3C69-4CA3-87F4-5404BEA43314}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{69295413-6052-4BD9-AD2C-6B9EC464671A}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\magicka\magicka.exe |
"{712DAC87-696E-4F41-B042-9C55B9E76E4A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\benchmark.exe |
"{7254B17F-2270-49F8-BECE-3D985479E927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73417645-9845-43EF-82E0-87990724C47F}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{74C13B84-E512-478D-A510-6E9862E3CFC2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7622442C-809B-4570-A24C-945B297AD302}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{76EB0C4D-C43D-422D-B8CB-557665175647}" = protocol=17 | dir=in | app=g:\games\fc3\bin\farcry3.exe |
"{775CDEA4-4CF1-4B3C-9350-9D38944A5293}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\just cause 2\justcause2.exe |
"{7A3408CF-B9D8-4100-81C0-9690EFFBE9E5}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2\arma2.exe |
"{7A42326F-F625-4E9A-AA9E-767A04DC17AD}" = protocol=6 | dir=in | app=g:\games\fc3\bin\fc3updater.exe |
"{7DC16C7C-3E21-41E2-B6BF-C3F376711A04}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7E5E2F73-F703-463D-9FE7-FB23A9E153E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8001B480-4408-45C7-BC59-24C39EB6E0A7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{815DD436-1B86-44E2-9189-D35F2E98EDCA}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{817EB6B2-2C56-4482-8702-3BDCA3545639}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{833FFED1-1766-4391-BEE8-B8651684DDEB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{84A97355-54E4-46E9-8EE7-911FEB88D351}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{85EC9E4A-6233-49C3-B802-4F0C35611979}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{87135DE2-B4C0-4BF3-BC6B-8D6B6960AA51}" = protocol=17 | dir=in | app=g:\games\dragon next install\dragon nest europe\dragonnest.exe |
"{87CD8A89-A5C2-4418-A331-676A27CE4E71}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{89324F4A-2652-4447-9817-CE18F7FF3710}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8AE0E40F-D26A-4503-AA5C-56019A731CE5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B132B2D-06CD-4867-B2EF-1F02ABFC07DB}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{8B32BF4F-7D72-4A04-BA88-ABDD4BB2B583}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8C5E8241-C81B-47B9-8FAF-9C51733B240F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8CB71F4A-CF6D-49D5-9BAA-B822C50C8B2D}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8D20D1F8-0104-4440-B0CB-96A1BAFAB70E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9006F142-A30A-40D1-999F-0C28C7AFCE02}" = protocol=6 | dir=in | app=g:\games\fc3\bin\fc3editor.exe |
"{90E581BF-199E-4AE5-93C6-D13D3FAB3758}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{96292F44-51A7-4752-9E1D-80535A1DF1CD}" = protocol=6 | dir=in | app=g:\games\stc2\starcraft ii\starcraft ii.exe |
"{96F162EC-B284-4B92-91A3-5B857F0AFD30}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{98737CD4-8A10-4AB0-8665-01A90A64A502}" = protocol=6 | dir=in | app=g:\program files (x86)\bf333\battlefield 3\bf3.exe |
"{9915D028-8DF1-4503-AD38-89E73A0925FC}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\just cause 2\justcause2.exe |
"{9FC8CED7-228A-41CB-B131-FB12C7F105D6}" = protocol=6 | dir=in | app=g:\games\utorrent\utorrent.exe |
"{A0AD2568-60EE-4957-968D-275BB91E0828}" = protocol=17 | dir=in | app=g:\games\stc2\starcraft ii\starcraft ii public test.exe |
"{A17476E2-98F3-46E7-AE61-5B186244268E}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{A45C413A-37B5-47B2-A733-E87AE2F390A0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\anno4.exe |
"{A472365A-4EFD-4CFC-91EC-9092C61072E3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A4BABAFE-4695-4702-A734-6D2514A8758D}" = protocol=6 | dir=out | app=system |
"{A6857A54-7D31-4A98-A210-822306BA11EB}" = protocol=6 | dir=in | app=g:\games\war thunder\launcher.exe |
"{A9185D5A-105A-4529-BF80-F9672F443DE3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{ABB3E7F0-6A58-4523-BA5B-6F7DE10A91F1}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{B010A4E2-AA92-4513-ACD1-87E92C4C6891}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{B460B112-DDDC-4A76-B5AF-0E42A21C22FD}" = protocol=17 | dir=in | app=g:\games\stc2\starcraft ii\starcraft ii.exe |
"{B6DE891F-34FF-4BB9-BF07-D26A5DF4B84F}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{B8E4194C-CF7D-4848-BE73-A9E76E1B9DC4}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{B967BE3D-6563-4155-A07D-70F053099C70}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 3 alpha lite\arma3demo.exe |
"{BAB6B462-6CC5-4B1E-9F0C-42473ADE8403}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BD29D73E-3769-49DB-8E73-C9AD5F843DBF}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{BEC66D8A-DD3F-45A9-92E3-B1E2DB2C2297}" = protocol=6 | dir=in | app=g:\games\stc2\starcraft ii\starcraft ii public test.exe |
"{C11B8BEB-8A46-4685-A3EE-0100F5119AA8}" = protocol=17 | dir=in | app=g:\program files (x86)\bf333\star wars - the old republic\launcher.exe |
"{C2D249ED-B3EA-4842-BF8E-F20FA24B5B38}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C2F3CF3B-E258-46FE-B2BC-08C80F0905C8}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{C379AA5C-C587-46EE-B9B7-A526F8A04150}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C45C1833-900F-49AE-93AB-49C7BE747A64}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 3\arma3.exe |
"{C6EA3705-99F1-44BA-B1BF-18B4F420B59D}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe |
"{CBD5EBE0-4E33-41CB-AA9F-06DFF43FFBA9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D230DBB5-4E2C-4CE2-A9DD-539729B7611C}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\counter-strike global offensive\bin\sdklauncher.exe |
"{D641DE0F-D50E-40AE-A194-F5793127278A}" = protocol=17 | dir=in | app=g:\games\war thunder\launcher.exe |
"{D8212FA8-7C37-4F93-A37D-021A9009C0A4}" = protocol=17 | dir=in | app=g:\program files (x86)\bf333\battlefield 3\bf3.exe |
"{D96D1B66-DFC2-4BF1-BA75-BCA9174A3A76}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe |
"{DD5488E5-5348-44AF-B0BE-B7687892C299}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{DF79A960-3291-4313-8768-82E7C71D3106}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe |
"{E2127ECB-A63F-4875-ABB1-102B8CF10335}" = protocol=6 | dir=in | app=g:\program files (x86)\bf333\star wars - the old republic\launcher.exe |
"{E2FE1113-FD4C-4847-8986-970CF11593EB}" = protocol=17 | dir=in | app=g:\games\utorrent\utorrent.exe |
"{E4407C54-7154-4D13-A7F2-C84FCD891101}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E57F74F5-7ABD-4247-ADE2-EC2C46217101}" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{E845612E-FC93-4687-824D-4CC8E4823FD5}" = protocol=6 | dir=in | app=g:\games\dragon next install\dragon nest europe\dragonnest.exe |
"{E87451D5-C978-414A-A009-AA7DD6581B0E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{EF9BC9DC-9B62-48CD-8C10-739FE5F3EA84}" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{F01C534D-3B0A-40F1-AF0C-954CA138CF8B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F3FDF440-9BC3-46C5-8A90-B0E0B646F218}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F422707A-59C9-43D4-B92F-31B62B69ECC7}" = protocol=6 | dir=in | app=g:\games\fc3\bin\farcry3_d3d11.exe |
"{F5D067A5-4833-4D9C-BF33-F43B85D1F291}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F9478A01-72A4-43B4-839D-23707B8B12E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD8647D6-ECAB-426F-A8BC-CFDBB02DF2FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FFF53CE4-3036-45F8-9664-450453FDE77F}" = protocol=6 | dir=in | app=g:\program files (x86)\vivox\c3\c3.exe |
"TCP Query User{1F43478D-CE58-4E72-BB8D-952E8D98A585}G:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"TCP Query User{24F02338-7A82-442E-87C9-83971D44234A}G:\games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=g:\games\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{309C9187-F92F-4B24-8C1B-2AB409B0C07F}G:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{316508E5-06F6-4190-B483-3F3399968261}G:\games\guildwars2!\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=g:\games\guildwars2!\guild wars 2\gw2.exe |
"TCP Query User{34729172-9BE2-4A5E-BCA2-9643F79C76D9}G:\games\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=g:\games\guild wars 2\gw2.exe |
"TCP Query User{35A67D0F-6BC5-4A01-8478-F746983E59EE}C:\users\user\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\gw2.exe |
"TCP Query User{4B00B17E-8B50-45E9-9C57-C9FFBFF53821}G:\program files (x86)\steam\steam\steamapps\sgteaglegg\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\sgteaglegg\counter-strike source\hl2.exe |
"TCP Query User{4E7F561F-7924-4031-9596-CF79C36AFF8D}C:\program files (x86)\network camera\ip discovery\ipdis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\network camera\ip discovery\ipdis.exe |
"TCP Query User{51E217A1-97FF-4091-A7D4-BE8B1862ADC8}G:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=g:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{644D7C2C-074B-499A-B018-5AA0A720D773}G:\program files (x86)\steam\steam\steam.exe" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steam.exe |
"TCP Query User{6C187D48-A837-4E22-9E65-D3AE9AEE10AA}G:\games\stc2\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=g:\games\stc2\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{85BC4735-4E7A-4188-9641-2D54DD5FA846}G:\games\tera\tera-launcher.exe" = protocol=6 | dir=in | app=g:\games\tera\tera-launcher.exe |
"TCP Query User{8FB08D29-410E-4FF3-BC5B-BF1B72C44ADB}G:\games\gps\pcgps.exe" = protocol=6 | dir=in | app=g:\games\gps\pcgps.exe |
"TCP Query User{9D207DED-2DB3-4078-B62C-48CF8D7DD917}G:\program files (x86)\steam\steam\steamapps\sgteaglegg\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\sgteaglegg\team fortress 2\hl2.exe |
"TCP Query User{A1A09623-2A31-41B5-8232-E89382329A2D}C:\program files (x86)\nvr\nvr\mainconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nvr\nvr\mainconsole.exe |
"TCP Query User{A5884FF5-7BA0-496F-8CF8-BBBC39921085}C:\program files (x86)\network camera\ip discovery\ipdis.exe" = protocol=6 | dir=in | app=c:\program files (x86)\network camera\ip discovery\ipdis.exe |
"TCP Query User{A8591FEE-E4B7-4D09-95D3-045A1558BAED}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{B8B9CA81-E5DB-4FFF-9A50-BBF71E867FA2}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{BAE6A435-23F2-4133-914E-A443CEDCA98F}C:\program files (x86)\nvr\nvr\mainconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nvr\nvr\mainconsole.exe |
"TCP Query User{D1EBC4FF-ECB5-44CA-AB4E-663577EEB84B}G:\users\user\desktop\desktop [2]\some games\empire earth\empire earth.exe" = protocol=6 | dir=in | app=g:\users\user\desktop\desktop [2]\some games\empire earth\empire earth.exe |
"TCP Query User{E5A1A435-0DCF-46B7-BF75-D5EABDD0A875}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{EBC849D0-5ABA-4075-8F11-88EC0D4B65D4}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{EC75AEE8-3927-4698-BFB5-8C5AA2867CF5}G:\program files (x86)\vivox\c3\c3.exe" = protocol=6 | dir=in | app=g:\program files (x86)\vivox\c3\c3.exe |
"UDP Query User{051315FE-F483-4ECB-9BB8-406109D39ACA}C:\program files (x86)\nvr\nvr\mainconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nvr\nvr\mainconsole.exe |
"UDP Query User{058F100F-8550-4AE8-B5A7-12A19998CD10}C:\program files (x86)\network camera\ip discovery\ipdis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\network camera\ip discovery\ipdis.exe |
"UDP Query User{0B714DD4-3DF2-45B0-80AA-43104F030597}G:\program files (x86)\steam\steam\steamapps\sgteaglegg\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\sgteaglegg\team fortress 2\hl2.exe |
"UDP Query User{0DBA3891-29F9-4103-A07F-4C5625E0BA07}G:\games\tera\tera-launcher.exe" = protocol=17 | dir=in | app=g:\games\tera\tera-launcher.exe |
"UDP Query User{19DC92FB-A597-4D5F-A361-C9083B780AF4}G:\games\guildwars2!\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=g:\games\guildwars2!\guild wars 2\gw2.exe |
"UDP Query User{1F206595-4719-47D5-B577-A8B59FA1D598}C:\program files (x86)\network camera\ip discovery\ipdis.exe" = protocol=17 | dir=in | app=c:\program files (x86)\network camera\ip discovery\ipdis.exe |
"UDP Query User{210F348E-B671-4DB6-A0F1-A9C00C0D9C7D}G:\users\user\desktop\desktop [2]\some games\empire earth\empire earth.exe" = protocol=17 | dir=in | app=g:\users\user\desktop\desktop [2]\some games\empire earth\empire earth.exe |
"UDP Query User{24F7247B-27D5-482B-B7AD-3761962F22A1}G:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe |
"UDP Query User{3661B1D7-C572-4BFD-9E4C-F2DAC4E7AA08}C:\users\user\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\gw2.exe |
"UDP Query User{3BB4445B-51B6-4BA6-AEE9-D78B78191060}G:\program files (x86)\steam\steam\steamapps\sgteaglegg\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\sgteaglegg\counter-strike source\hl2.exe |
"UDP Query User{4B087C21-F2B0-410D-BC91-A08FD189D474}G:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{4F25392B-89BA-4B31-9CD0-92AE5FF78AC1}G:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=g:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{55984343-603F-46BA-859E-985A84608496}G:\games\stc2\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=g:\games\stc2\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{6382E31E-4A82-45B3-81A5-AFCCEAA4AD3E}G:\games\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=g:\games\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{63B0CEA8-1851-437F-96F2-B6224166233F}G:\program files (x86)\steam\steam\steam.exe" = protocol=17 | dir=in | app=g:\program files (x86)\steam\steam\steam.exe |
"UDP Query User{75DAEFCF-E575-42C2-BD9F-B2E6C64B8D79}C:\program files (x86)\nvr\nvr\mainconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nvr\nvr\mainconsole.exe |
"UDP Query User{9A2FE63A-27FB-4CD0-A1F1-931B8991540D}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{AE0A6914-525D-4446-A280-FF4FC7365F12}G:\program files (x86)\vivox\c3\c3.exe" = protocol=17 | dir=in | app=g:\program files (x86)\vivox\c3\c3.exe |
"UDP Query User{B12EAB14-F43C-4D75-8F88-E086DEDE387E}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{B5DC6EC8-56F3-4DF8-A95B-44FC65FEE1B5}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"UDP Query User{D65F2702-3D53-4992-ADD0-F0BDDAFB3E29}G:\games\gps\pcgps.exe" = protocol=17 | dir=in | app=g:\games\gps\pcgps.exe |
"UDP Query User{E278D0C8-51B4-44FD-B717-0460E4AE825A}G:\games\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=g:\games\guild wars 2\gw2.exe |
"UDP Query User{ED053CD4-D2FA-48EA-AF6D-013E4AB7EE2F}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = ASUS Bluetooth Suite
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{91C4D79C-3579-48E8-ADFA-8818042AEB73}" = Logitech G930
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.0.1 (BETA)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.47.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24570B2F-3937-47F0-A16A-E82B480A7699}" = XSplit
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2DB72FFA-884E-4BD6-B326-4F89865CB113}_is1" = CCleaner Business
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30D6B6ED-E039-4D62-8E07-E058D17A9372}" = AVerMedia RECentral
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404 - Königsedition
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A62FED1-759A-11E0-8248-0013D3D69929}" = Vegas Movie Studio HD Platinum 11.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5B80AE2E-759D-11E0-A27D-005056C00008}" = MSVCRT Redists
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AEC41C2D-ED98-4D21-A354-05593C9D75BE}" = IP Discovery
"{aec97477-921a-4289-985a-9e29506625b6}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{B217B8BC-8543-46DB-B049-89660B8BFADD}_is1" = CCleaner Professional
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version 1.0
"{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1" = SRWare Iron Version SRWare Iron 18.0.1050.0
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D70F0FA2-DF44-48EF-949A-EDBE764DDBC9}" = NVR
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.164
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D34EBA-83D6-49E3-A6D6-6889C4A639A3}" = DayZ Commander
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"A New Dawn" = NVIDIA A New Dawn demo
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ASIO4ALL" = ASIO4ALL
"ATC_is1" = Advanced Tactical Center™ 1.12
"AVerMedia C985 PCIe Live Gamer HD" = AVerMedia C985 PCIe Live Gamer HD 3.3.64.20
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Blue Byte Game Channel" = Blue Byte Game Channel
"Borderlands 2_is1" = Borderlands 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CPUCooL" = CPUCooL (remove only)
"Crysis 3 incl. Update v1.1_is1" = Crysis 3
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"FightMouse Elite 3" = FightMouse Elite
"Free FLV Converter_is1" = Free FLV Converter V 7.4.0
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.0.2
"Google Maps With GPS Tracker 38.0_is1" = 38.0
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}" = AVerMedia RECentral
"IrfanView" = IrfanView (remove only)
"LOLReplay" = LOLReplay
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Camera Document" = Network Camera Document 2011-04-26
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PrecisionX" = EVGA Precision X 3.0.2
"PunkBusterSvc" = PunkBuster Services
"S4Uninst" = Die Siedler IV
"ShiftWindow_is1" = ShiftWindow 1.02
"StarCraft II" = StarCraft II
"Steam App 107410" = Arma 3 Alpha
"Steam App 12210" = Grand Theft Auto IV
"Steam App 200710" = Torchlight II
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 214870" = Painkiller Hell & Damnation
"Steam App 219540" = Arma 2: Operation Arrowhead Beta
"Steam App 228800" = Arma 3 Alpha Lite
"Steam App 240" = Counter-Strike: Source
"Steam App 33905" = ARMA 2 Dedicated Server
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 42910" = Magicka
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 745" = Counter-Strike: Global Offensive - SDK
"Steam App 8190" = Just Cause 2
"TeamViewer 8" = TeamViewer 8
"Tunngle beta_is1" = Tunngle beta
"Uplay" = Uplay
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.03.2013 04:33:19 | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "G:\Games\xSplit\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.03.2013 03:40:07 | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "G:\Games\xSplit\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 28.03.2013 23:36:04 | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.62.102.591 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fb0 Startzeit:
01ce2c2e83db3460 Endzeit: 1 Anwendungspfad: G:\Program Files (x86)\Steam\Steam\SteamApps\common\arma
2 operation arrowhead\expansion\beta\arma2oa.exe Berichts-ID: c6822483-9821-11e2-a19e-0026832f02e6
Error - 28.03.2013 23:43:14 | Computer Name = User-PC | Source = .NET Runtime | ID = 1026
Description =
Error - 28.03.2013 23:43:15 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DayZCommander.exe, Version: 0.9.1.69,
Zeitstempel: 0x512eb8e7 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,
Zeitstempel: 0x50b83c8a Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000c41f ID des fehlerhaften
Prozesses: 0x14a4 Startzeit der fehlerhaften Anwendung: 0x01ce2c2de8e4d1fe Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Temp\3628a073-682e-4a8e-8ce8-250788f37113\DayZCommander.exe
Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: c8ef4e40-9822-11e2-a19e-0026832f02e6
Error - 28.03.2013 23:45:19 | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm arma2oa.exe, Version 1.62.102.591 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a9c Startzeit:
01ce2c2fcf267cbe Endzeit: 20 Anwendungspfad: G:\Program Files (x86)\Steam\Steam\SteamApps\common\arma
2 operation arrowhead\expansion\beta\arma2oa.exe Berichts-ID: 11b8f24a-9823-11e2-a19e-0026832f02e6
Error - 29.03.2013 02:45:47 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610,
Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Air.dll, Version: 0.0.0.0,
Zeitstempel: 0x511c7eb4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000b027 ID des fehlerhaften
Prozesses: 0x1fc4 Startzeit der fehlerhaften Anwendung: 0x01ce2c40e3bf924f Pfad der
fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.255\deploy\LolClient.exe
Pfad
des fehlerhaften Moduls: G:\Program Files (x86)\LOLReplay\Air.dll Berichtskennung:
48d7cccd-983c-11e2-a19e-0026832f02e6
Error - 29.03.2013 11:35:10 | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "G:\Games\xSplit\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 30.03.2013 04:34:47 | Computer Name = User-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "G:\Games\xSplit\XSplitBroadcasterSrc.exe".
Die
abhängige Assemblierung "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 30.03.2013 08:31:47 | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1040 Startzeit:
01ce2d3f309e279d Endzeit: 49413 Anwendungspfad: C:\Users\User\Desktop\OTL.exe Berichts-ID:
aa1f22d8-9935-11e2-9a93-0026832f02e6
Error - 30.03.2013 08:34:19 | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1380 Startzeit:
01ce2d429548486a Endzeit: 54444 Anwendungspfad: C:\Users\User\Desktop\OTL.exe Berichts-ID:
00d91607-9936-11e2-9a93-0026832f02e6
[ System Events ]
Error - 30.03.2013 08:50:22 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:25 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:29 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:32 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:35 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:39 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:48 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:50:57 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:51:06 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.03.2013 08:51:15 | Computer Name = User-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report >
Code:
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-30 14:21:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0 OCZ-AGILITY3 rev.2.15 111,79GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\User\AppData\Local\Temp\kxldapob.sys
---- User code sections - GMER 2.1 ----
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtReadFile 000000007720f8d0 5 bytes JMP 000000010051c520
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtWriteFile 000000007720f908 5 bytes JMP 000000010051ba10
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtClose 000000007720f9c0 5 bytes JMP 000000010051c27c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryObject 000000007720f9d8 5 bytes JMP 000000010051bae4
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryInformationFile 000000007720f9f0 5 bytes JMP 000000010051c468
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtOpenKey 000000007720fa08 5 bytes JMP 000000010051ae60
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtEnumerateValueKey 000000007720fa20 5 bytes JMP 000000010051a580
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryKey 000000007720fa70 5 bytes JMP 000000010051a640
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey 000000007720fa88 5 bytes JMP 000000010051a6f8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryInformationProcess 000000007720fab8 5 bytes JMP 0000000100519eac
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateKey 000000007720fb20 5 bytes JMP 000000010051ab3c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile 000000007720fc18 5 bytes JMP 000000010051c3b0
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection 000000007720fc30 5 bytes JMP 000000010051c9d8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection 000000007720fc60 5 bytes JMP 000000010051c844
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007720fc90 5 bytes JMP 000000010051b9a8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtEnumerateKey 000000007720fd2c 5 bytes JMP 000000010051a7dc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtOpenFile 000000007720fd44 5 bytes JMP 000000010051cc88
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryDirectoryFile 000000007720fd78 5 bytes JMP 000000010051bbc4
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtOpenSection 000000007720fda8 5 bytes JMP 000000010051bcac
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtFsControlFile 000000007720fdd8 5 bytes JMP 000000010051a244
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtDuplicateObject 000000007720fe24 5 bytes JMP 000000010051be3c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryAttributesFile 000000007720fe3c 5 bytes JMP 000000010051ceac
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryVolumeInformationFile 000000007720ff6c 5 bytes JMP 000000010051c048
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateSection 000000007720ff84 5 bytes JMP 000000010051cb60
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtFlushBuffersFile 000000007720ff9c 5 bytes JMP 000000010051a304
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateProcessEx 000000007720ffcc 5 bytes JMP 0000000100519cdc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 000000007720ffe4 5 bytes JMP 0000000100519df0
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQuerySection 0000000077210030 5 bytes JMP 000000010051c920
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077210048 5 bytes JMP 0000000100519ecc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile 0000000077210094 5 bytes JMP 000000010051c5f8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSetValueKey 00000000772101a4 5 bytes JMP 000000010051a89c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtAccessCheck 0000000077210208 5 bytes JMP 000000010051a4a8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateProcess 00000000772107f4 5 bytes JMP 0000000100519bc8
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess 00000000772108fc 5 bytes JMP 0000000100519f2c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtDeleteFile 00000000772109c4 5 bytes JMP 000000010051c100
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtDeleteKey 00000000772109dc 5 bytes JMP 000000010051aa04
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtDeleteValueKey 0000000077210a24 5 bytes JMP 000000010051a960
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtExtendSection 0000000077210afc 5 bytes JMP 000000010051a3e4
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtFlushKey 0000000077210b60 5 bytes JMP 000000010051aaa0
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtLoadKey 0000000077210dec 5 bytes JMP 000000010051afdc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtLoadKey2 0000000077210e04 5 bytes JMP 000000010051b16c
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtLockFile 0000000077210e34 5 bytes JMP 000000010051c110
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtNotifyChangeDirectoryFile 0000000077210f38 5 bytes JMP 000000010051a134
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtNotifyChangeKey 0000000077210f50 5 bytes JMP 000000010051b304
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtOpenKeyEx 0000000077210ff8 5 bytes JMP 000000010051acdc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile 000000007721131c 5 bytes JMP 000000010051d038
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQueryMultipleValueKey 000000007721145c 5 bytes JMP 000000010051b3e4
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtQuerySecurityObject 0000000077211508 5 bytes JMP 000000010051a068
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtReplaceKey 0000000077211728 5 bytes JMP 000000010051b4a4
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtRestoreKey 00000000772117c0 5 bytes JMP 000000010051b624
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSaveKey 0000000077211854 5 bytes JMP 000000010051b6cc
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationKey 0000000077211a38 5 bytes JMP 000000010051b770
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSetSecurityObject 0000000077211b7c 5 bytes JMP 0000000100519f90
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtSetVolumeInformationFile 0000000077211c7c 5 bytes JMP 000000010051bf44
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtUnloadKey 0000000077211e50 5 bytes JMP 000000010051b820
.text G:\CPUCooL\CooLSrv.exe[1936] C:\Windows\SysWOW64\ntdll.dll!NtUnlockFile 0000000077211e98 5 bytes JMP 000000010051c1d0
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000070ef1a22 2 bytes [EF, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000070ef1ad0 2 bytes [EF, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000070ef1b08 2 bytes [EF, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000070ef1bba 2 bytes [EF, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000070ef1bda 2 bytes [EF, 70]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075971465 2 bytes [97, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759714bb 2 bytes [97, 75]
.text ... * 2
.text C:\Users\User\AppData\Local\Akamai\netsession_win.exe[3148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075971465 2 bytes [97, 75]
.text C:\Users\User\AppData\Local\Akamai\netsession_win.exe[3148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759714bb 2 bytes [97, 75]
.text ... * 2
.text C:\Users\User\AppData\Local\Akamai\netsession_win.exe[3360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075971465 2 bytes [97, 75]
.text C:\Users\User\AppData\Local\Akamai\netsession_win.exe[3360] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759714bb 2 bytes [97, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [3812:1968] 000007fef2519688
---- Processes - GMER 2.1 ----
Library C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll (*** suspicious ***) @ C:\Windows\system32\svchost.exe [1020] 00000000746e0000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026832f02e6
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026832f02e6 (not active ControlSet)
---- EOF - GMER 2.1 ----
Code:
OTL logfile created on: 30.03.2013 13:37:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,98 Gb Total Physical Memory | 14,27 Gb Available Physical Memory | 89,34% Memory free
31,95 Gb Paging File | 30,09 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 21,10 Gb Free Space | 18,89% Space Free | Partition Type: NTFS
Drive D: | 630,24 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 100,00 Mb Total Space | 65,84 Mb Free Space | 65,84% Space Free | Partition Type: NTFS
Drive G: | 931,41 Gb Total Space | 372,08 Gb Free Space | 39,95% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.30 13:06:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.03.12 17:53:34 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.01.26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe
PRC - [2013.01.19 03:51:31 | 001,129,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.08.08 15:24:41 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.31 03:08:58 | 000,339,456 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
PRC - [2012.05.08 15:23:01 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 15:23:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () -- G:\CPUCooL\CooLSRV.exe
PRC - [2011.10.31 19:30:00 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
PRC - [2011.03.23 10:42:52 | 001,516,888 | ---- | M] (Logitech(c)) -- G:\Program Files (x86)\Logitech 930\G930.exe
PRC - [2010.06.09 05:36:50 | 001,273,856 | ---- | M] () -- G:\RazerMaus\Gaming 3.exe
========== Modules (No Company Name) ==========
MOD - [2010.06.09 05:36:50 | 001,273,856 | ---- | M] () -- G:\RazerMaus\Gaming 3.exe
========== Services (SafeList) ==========
SRV - [2013.03.15 17:29:10 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.03.13 15:53:18 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.12 17:53:34 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.03.09 12:21:57 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.04 10:02:07 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.01.19 03:50:09 | 002,070,304 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Running] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.11.26 18:35:10 | 000,745,368 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.07.31 03:08:58 | 000,339,456 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe -- (AVerRECentral)
SRV - [2012.05.15 11:59:00 | 004,687,672 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.05.08 15:23:01 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 15:23:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.01 17:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- G:\CPUCooL\CooLSRV.exe -- (CPUCooLServer)
SRV - [2011.10.31 19:30:00 | 000,167,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2011.05.31 08:42:06 | 000,210,024 | ---- | M] (DTS) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\DTSAudioService64.exe -- (DTSAudioService)
SRV - [2011.03.01 14:43:52 | 000,076,448 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.08.18 11:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.11 20:00:47 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.12.29 11:34:47 | 000,447,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012.12.19 06:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.09 06:38:36 | 002,271,360 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer330.sys -- (AVer330)
DRV:64bit: - [2012.06.18 03:09:12 | 000,097,792 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2012.06.18 03:09:10 | 000,021,504 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2012.05.08 15:23:01 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 15:23:01 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.16 15:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.06.02 09:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 09:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.16 22:15:12 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2011.03.18 16:20:22 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerCamd64.sys -- (LADF_BakerCOnly)
DRV:64bit: - [2011.03.18 13:33:48 | 000,335,688 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys -- (LADF_BakerROnly)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.01 14:44:08 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.01 14:44:06 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.01 14:44:06 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.01 14:44:06 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.01 14:44:06 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.01 14:44:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.01 14:44:06 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.01 14:44:04 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010.11.22 08:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.11 20:12:02 | 000,019,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ntiopnp.sys -- (ntiopnp)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=homepage&u=5c7151d600000000000000ffb4d425d0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 38 F8 25 4F 21 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {8CC3E3A7-D488-4711-BA8C-0E800247F4C9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=8133db2e-151a-420a-aa91-6d77b94065c0&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112542&tt=010812_906_cln_3212_5&babsrc=SP_ss&mntrId=5c7151d60000000000000026832f02e6
IE - HKCU\..\SearchScopes\{8CC3E3A7-D488-4711-BA8C-0E800247F4C9}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5c7151d600000000000000ffb4d425d0&q={searchTerms}&r=446
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: G:\Flyff\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.13 21:03:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.09 12:21:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.09 12:21:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.11.11 07:01:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013.02.13 14:00:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\pqxy4g0i.default\extensions
[2013.02.13 14:00:26 | 000,001,435 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\pqxy4g0i.default\searchplugins\spamfreesearch.xml
[2013.03.09 12:21:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.09 12:21:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.12.31 22:54:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.12.31 22:54:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.12.31 22:54:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.12.31 22:54:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.12.31 22:54:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.12.31 22:54:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Gaming 3] G:\RazerMaus\Gaming 3.exe ()
O4 - HKLM..\Run: [Logitech G930] G:\Program Files (x86)\Logitech 930\G930.exe (Logitech(c))
O4 - HKLM..\Run: [NVR] C:\Program Files (x86)\NVR\NVR\MainConsole.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {1384A8DE-7296-49DA-B7F8-8A9A5984BE52} hxxp://192.168.178.30/AxRTSP.cab (RTSPCtl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4D425D0-3865-43DF-AF2B-E731192CCD1C}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C778B360-3265-47DB-B2D9-8D29735EF536}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C778B360-3265-47DB-B2D9-8D29735EF536}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (G:\Games\Sopho2\Sophos Anti-Virus\sophos_detoured_x64.dll) - File not found
O20:64bit: - AppInit_DLLs: (G:\Games\Sopho2\Sophos Anti-Virus\sophos_detoured_x64.dll) - File not found
O20 - AppInit_DLLs: (G:\Games\Sopho2\Sophos Anti-Virus\sophos_detoured.dll) - File not found
O20 - AppInit_DLLs: (G:\Games\Sopho2\Sophos Anti-Virus\sophos_detoured.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.10.21 12:05:21 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2002.11.12 16:39:16 | 000,258,048 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2002.01.29 10:43:23 | 000,000,096 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1fe80fb0-20cb-11e2-9a5a-0026832f02e6}\Shell - "" = AutoRun
O33 - MountPoints2\{1fe80fb0-20cb-11e2-9a5a-0026832f02e6}\Shell\AutoRun\command - "" = L:\Setup.exe
O33 - MountPoints2\{922771af-63e4-11e2-9ce4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{922771af-63e4-11e2-9ce4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2002.11.12 16:39:16 | 000,258,048 | R--- | M] ()
O33 - MountPoints2\{9c93de7d-8a19-11e2-8550-0026832f02e6}\Shell - "" = AutoRun
O33 - MountPoints2\{9c93de7d-8a19-11e2-8550-0026832f02e6}\Shell\AutoRun\command - "" = H:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.30 13:36:44 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.03.30 13:06:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.03.30 13:03:58 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\System!
[2013.03.26 10:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TERA
[2013.03.26 10:44:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
[2013.03.26 07:55:55 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\DragonNest
[2013.03.26 07:07:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
[2013.03.15 13:24:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Sophos
[2013.03.15 13:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013.03.15 13:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2013.03.14 13:07:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubi Soft
[2013.03.14 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blue Byte
[2013.03.14 13:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte
[2013.03.13 20:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2013.03.12 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crysis 3
[2013.03.12 14:31:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2013.03.12 13:14:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\EA Games
[2013.03.11 20:10:46 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ANNO 1404 Venedig
[2013.03.11 20:07:31 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Tunngle
[2013.03.11 20:06:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Ubisoft
[2013.03.11 20:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.03.11 10:01:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013.03.09 12:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.06 18:14:47 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Arma 3 Alpha - Other Profiles
[2013.03.06 18:06:58 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Arma 3 Alpha
[2013.03.06 18:06:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Arma 3 Alpha
[2013.03.06 07:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.03.04 22:07:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\WarThunder
[2013.03.04 22:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013.03.04 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
[2012.08.16 10:51:01 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\User\AppData\Roaming\siw_sdk.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.30 13:43:44 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 13:43:44 | 000,023,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.30 13:40:47 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.30 13:40:47 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.30 13:40:47 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.30 13:40:47 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.30 13:40:47 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.30 13:36:39 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2013.03.30 13:36:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.30 13:36:28 | 4276,682,750 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.30 13:06:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.03.30 13:05:40 | 000,000,000 | ---- | M] () -- C:\Users\User\defogger_reenable
[2013.03.30 12:54:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1669887493-268872783-2900105303-1000UA.job
[2013.03.30 12:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.30 09:54:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1669887493-268872783-2900105303-1000Core.job
[2013.03.27 10:40:40 | 000,000,719 | ---- | M] () -- C:\Users\User\Desktop\TERA.lnk
[2013.03.15 13:21:47 | 000,000,142 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.03.15 06:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.03.14 17:00:03 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.14 17:00:03 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.14 16:38:35 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.14 13:14:19 | 000,000,643 | ---- | M] () -- C:\Users\User\Desktop\S4.exe.lnk
[2013.03.12 17:53:34 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.12 14:37:39 | 000,000,799 | ---- | M] () -- C:\Users\Public\Desktop\Crysis 3.lnk
[2013.03.11 20:00:47 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.03.11 20:00:41 | 000,000,898 | ---- | M] () -- C:\Users\User\Desktop\DAEMON Tools Lite.lnk
[2013.03.11 19:19:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2013.03.10 11:45:21 | 000,000,099 | ---- | M] () -- C:\Users\User\Desktop\Reiseapotheke für Südafrika - Checkliste für Ihre Reise.url
[2013.03.06 17:57:32 | 000,000,228 | ---- | M] () -- C:\Users\User\Desktop\Arma 3 Alpha.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.30 13:05:40 | 000,000,000 | ---- | C] () -- C:\Users\User\defogger_reenable
[2013.03.26 10:44:33 | 000,000,719 | ---- | C] () -- C:\Users\User\Desktop\TERA.lnk
[2013.03.15 13:21:47 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.03.14 13:14:19 | 000,000,643 | ---- | C] () -- C:\Users\User\Desktop\S4.exe.lnk
[2013.03.14 13:07:07 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2013.03.14 13:07:07 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2013.03.14 13:07:07 | 000,035,840 | R--- | C] () -- C:\Windows\SysWow64\comdlg32.oca
[2013.03.14 13:07:06 | 000,029,184 | R--- | C] () -- C:\Windows\SysWow64\MSINET.oca
[2013.03.12 17:49:15 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.12 17:49:15 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.12 17:49:14 | 000,839,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.03.12 14:37:39 | 000,000,799 | ---- | C] () -- C:\Users\Public\Desktop\Crysis 3.lnk
[2013.03.11 20:00:37 | 000,000,898 | ---- | C] () -- C:\Users\User\Desktop\DAEMON Tools Lite.lnk
[2013.03.11 19:19:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.03.10 11:45:21 | 000,000,099 | ---- | C] () -- C:\Users\User\Desktop\Reiseapotheke für Südafrika - Checkliste für Ihre Reise.url
[2013.03.06 17:57:32 | 000,000,228 | ---- | C] () -- C:\Users\User\Desktop\Arma 3 Alpha.url
[2013.01.16 18:57:15 | 000,614,400 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll
[2013.01.16 18:57:15 | 000,421,888 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2013.01.16 18:57:15 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2013.01.16 18:57:15 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll
[2013.01.16 18:57:15 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2013.01.16 18:57:15 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll
[2013.01.16 18:57:15 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll
[2012.10.30 19:48:08 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2012.08.15 20:08:17 | 000,000,413 | ---- | C] () -- C:\Users\User\AppData\Roaming\All CPU Meter_Settings.ini
[2012.06.14 20:12:19 | 000,007,604 | ---- | C] () -- C:\Users\User\AppData\Local\resmon.resmoncfg
[2012.06.07 16:11:46 | 000,004,436 | ---- | C] () -- C:\Windows\jqxf_mg16.ini
[2012.06.07 16:11:46 | 000,001,441 | ---- | C] () -- C:\Windows\cvww-tmr24.ini
[2012.05.21 10:15:11 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012.04.23 14:24:44 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.23 10:52:03 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.04.23 10:51:53 | 000,032,187 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.31 18:39:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012.07.16 16:38:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Aeria Games & Entertainment
[2012.05.14 14:47:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2013.03.11 20:03:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2013.01.26 23:19:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Downloaded Installations
[2012.08.09 13:59:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FOG Downloader
[2012.05.06 14:46:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FreeFLVConverter
[2012.12.08 20:29:50 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2012.07.26 21:50:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gslist
[2012.05.04 17:02:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KeePass
[2013.01.16 18:46:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KillProcess
[2012.07.28 18:30:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012.04.23 16:06:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LolClient
[2012.05.24 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LolClient2
[2013.03.30 13:52:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\NetSpeedMonitor
[2012.04.26 07:11:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2012.10.28 14:04:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
[2012.12.02 15:05:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2012.12.26 18:17:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDAppFlex
[2012.05.08 13:54:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Publish Providers
[2012.08.24 15:16:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\RotMG.Production
[2012.07.15 11:06:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\runic games
[2012.07.22 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\six-zsync
[2012.05.08 13:54:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Sony
[2012.08.05 20:12:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Spirited Machine
[2012.04.25 08:55:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SplitMediaLabs
[2012.07.13 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.02.08 16:19:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeamViewer
[2012.07.19 22:27:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Teeworlds
[2012.05.07 21:14:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2013.03.30 12:02:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2013.03.11 22:22:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Tunngle
[2013.03.11 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ubisoft
[2013.02.28 08:13:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unity
[2013.02.26 14:06:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013.01.10 08:22:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wacom
========== Purity Check ==========
< End of report >
I hope that's enough to find something :)