| crippcid | 05.07.2013 16:32 |
Liste der Anhänge anzeigen (Anzahl: 2) Leider traten einige Komplikationen auf. - Hier der OTL.log:
Code:
OTL logfile created on: 05.07.2013 17:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,90 Gb Total Physical Memory | 14,02 Gb Available Physical Memory | 88,15% Memory free
31,80 Gb Paging File | 29,74 Gb Available in Paging File | 93,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 47,81 Gb Free Space | 40,10% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 228,51 Gb Free Space | 49,06% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.05 16:35:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\PingChanGeR\Desktop\OTL.exe
PRC - [2013.07.05 13:11:03 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\AntiVir\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.05 13:10:08 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\AntiVir\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.05 13:10:08 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\AntiVir\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.06.21 18:34:06 | 000,610,152 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) -- D:\Programme\Skype\Updater\Updater.exe
PRC - [2013.05.31 18:32:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.16 16:43:15 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 16:37:50 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.16 16:37:40 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.20 07:23:29 | 000,323,336 | ---- | M] (CyberLink) -- D:\Programme\PowerDVD\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
PRC - [2013.03.20 07:23:27 | 000,077,576 | ---- | M] (CyberLink) -- D:\Programme\PowerDVD\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
PRC - [2012.12.14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.02.01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.05.01 18:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) -- D:\Programme\MaxdomeDownloadManager\DCBin\DCService.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.17 17:08:19 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
MOD - [2013.05.17 17:08:18 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll
MOD - [2013.05.17 17:08:17 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.05.15 19:23:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.15 19:22:52 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.05.15 19:18:51 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
MOD - [2013.05.15 19:18:43 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
MOD - [2013.05.15 19:18:40 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013.05.15 19:18:38 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013.05.15 19:18:36 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
MOD - [2013.05.15 19:18:34 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013.01.10 09:08:46 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll
MOD - [2013.01.10 09:08:26 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013.01.10 09:08:17 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.10 09:06:41 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c78244854f84b69701fcee19b543645\IAStorUtil.ni.dll
MOD - [2013.01.09 11:48:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 11:48:37 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 11:40:31 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 11:40:28 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 11:40:24 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.09 11:34:06 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.09 11:34:04 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.09 11:34:03 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.09 11:34:03 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013.01.09 11:33:59 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.06.18 14:48:10 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011.04.12 09:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV - [2013.07.05 13:11:03 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\AntiVir\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.07.05 13:10:08 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\AntiVir\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.12 21:57:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- D:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.31 18:32:05 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.05.16 16:37:50 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.20 07:23:29 | 000,323,336 | ---- | M] (CyberLink) [Auto | Running] -- D:\Programme\PowerDVD\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe -- (CyberLink PowerDVD 13 Media Server Service)
SRV - [2013.03.20 07:23:27 | 000,077,576 | ---- | M] (CyberLink) [Auto | Running] -- D:\Programme\PowerDVD\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe -- (CyberLink PowerDVD 13 Media Server Monitor Service)
SRV - [2013.03.07 16:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 20:21:04 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\PingChanGeR\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2012.12.14 17:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 17:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.14 03:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.08.28 22:26:00 | 003,917,424 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.07.23 16:36:44 | 000,490,496 | ---- | M] () [Auto | Running] -- C:\Programme\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.02.13 11:24:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.01 18:57:50 | 000,077,032 | ---- | M] (Entriq, Inc.) [Auto | Running] -- D:\Programme\MaxdomeDownloadManager\DCBin\DCService.exe -- (Prosieben)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.06.21 14:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.06.07 05:29:52 | 000,126,464 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013.06.07 05:29:50 | 000,031,232 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2013.03.28 14:07:26 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 14:07:26 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 14:07:26 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.14 17:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.12.14 03:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.11.11 15:03:07 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.09.21 21:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.09.21 21:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.09.12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.23 16:37:50 | 000,066,928 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2012.07.23 16:37:48 | 000,157,552 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (L1C)
DRV:64bit: - [2012.07.23 16:37:44 | 003,364,720 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ak27x64.sys -- (Ak27x64)
DRV:64bit: - [2012.07.17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.20 10:32:00 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.06.14 12:27:28 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.06.14 12:27:28 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.26 14:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012.03.18 22:33:22 | 000,398,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012.02.13 11:34:42 | 000,036,128 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\leath_hid.sys -- (lehidmini)
DRV:64bit: - [2012.02.13 11:34:12 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.02.13 11:33:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.02.13 11:33:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.02.13 11:32:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.02.13 11:32:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.02.13 11:32:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.02.13 11:31:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.02.13 11:31:42 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012.02.13 11:31:12 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.03 05:21:44 | 000,340,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.12.06 04:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.04.28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.12.07 19:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.07 19:36:48 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.11.18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.10.12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:35:03 | 000,192,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\eFE5b32e.sys -- (E100B)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.05.03 17:19:38 | 000,014,032 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\se64a.sys -- (se64a)
DRV - [2013.03.19 11:08:28 | 000,130,320 | ---- | M] (CyberLink Corp.) [2013/06/01 12:59:31] [Kernel | Auto | Running] -- D:\Programme\PowerDVD\PowerDVD13\Common\NavFilter\000.fcl -- ({09F57980-3432-4AFC-957D-27AC45FAE1F5})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.05.03 17:19:38 | 000,014,032 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\se64a.sys -- (se64a)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {26D09A45-23F7-4E54-84DD-C9FF5894A0D8}
IE:64bit: - HKLM\..\SearchScopes\{26D09A45-23F7-4E54-84DD-C9FF5894A0D8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {26D09A45-23F7-4E54-84DD-C9FF5894A0D8}
IE - HKLM\..\SearchScopes\{26D09A45-23F7-4E54-84DD-C9FF5894A0D8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes,DefaultScope = {26D09A45-23F7-4E54-84DD-C9FF5894A0D8}
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{12A4BA63-3513-4979-90A4-DABD2A22A4D6}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{1BB10021-7210-4EC6-8F7F-8CBA4F180D7C}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{321F55E8-7DFC-4DE8-A7D5-5466C3D97679}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{509C83D1-381B-4B65-A43F-F7CFB1C07068}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{B609A52B-3E4D-4D6D-B94B-28D3EF9CC69D}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..\SearchScopes\{F743CACB-14BC-4631-AB04-2A38B16C777F}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=f1837a1e-12d4-4987-bc06-09bc3c234425&pid=dcude&mode=bounce&k=0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3473684151-3593769556-3048624947-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: D:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\PingChanGeR\AppData\Roaming\Mozilla\Firefox\Profiles\rahrzu9r.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: D:\Programme\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: D:\Programme\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: D:\Programme\Mozilla\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: D:\Programme\Mozilla\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Programme\Mozilla\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Programme\Mozilla\plugins
[2012.10.12 13:21:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PingChanGeR\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\PingChanGeR\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] D:\Programme\AntiVir\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PowerDVD13Agent] D:\Programme\PowerDVD\PowerDVD13\PowerDVD13Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data]
O7 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 1
O7 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = [binary data]
O7 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\Microsoft Office\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3473684151-3593769556-3048624947-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{204F2772-9F5F-42A8-A382-EDA5B0BD8285}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DF8D389-BEBB-4B4D-95D6-97059F7FDD3B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6146870-9C03-4334-B200-1B5420A936D7}: NameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5EF0E65-1EC7-44F4-9897-942DA6A19D06}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\fluxhttp - No CLSID value found
O18:64bit: - Protocol\Handler\fluxhttp\0x00000007 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files (x86)\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3a1ef6b6-2d9c-11e2-80fc-844bf516adb3}\Shell - "" = AutoRun
O33 - MountPoints2\{3a1ef6b6-2d9c-11e2-80fc-844bf516adb3}\Shell\AutoRun\command - "" = G:\DTVP_Launcher.exe
O33 - MountPoints2\{43e20b55-16c5-11e2-b20b-8c89a5042764}\Shell - "" = AutoRun
O33 - MountPoints2\{43e20b55-16c5-11e2-b20b-8c89a5042764}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ed051344-167d-11e2-b36b-844bf516adb3}\Shell - "" = AutoRun
O33 - MountPoints2\{ed051344-167d-11e2-b36b-844bf516adb3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ed051355-167d-11e2-b36b-844bf516adb3}\Shell - "" = AutoRun
O33 - MountPoints2\{ed051355-167d-11e2-b36b-844bf516adb3}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.05 16:40:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.05 16:35:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.05 14:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.07.05 14:06:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2013.07.05 14:06:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2013.06.29 17:30:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\David_Rudie
[2013.06.29 17:22:25 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Star Wars - The Old Republic
[2013.06.29 16:14:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MonInfo
[2013.06.29 15:57:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Extron_Electronics
[2013.06.29 15:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extron Electronics
[2013.06.29 15:14:17 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\HeroBlade Logs
[2013.06.29 09:47:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SWTORPerf
[2013.06.29 09:46:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2013.06.28 18:12:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\techland
[2013.06.28 13:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.28 13:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.28 13:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.28 13:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.24 13:20:22 | 000,768,000 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzdevicedll.dll
[2013.06.17 08:43:32 | 000,154,112 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rztouchdll.dll
[2013.06.17 08:43:32 | 000,056,832 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzdevinfo.dll
[2013.06.17 08:43:28 | 000,117,248 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzdisplaydll.dll
[2013.06.17 08:43:26 | 000,296,448 | ---- | C] (Razer Inc) -- C:\Windows\SysWow64\rzaudiodll.dll
[2013.06.07 17:30:45 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Diablo III
[2013.06.07 14:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013.06.07 05:29:52 | 000,126,464 | ---- | C] (Razer Inc) -- C:\Windows\SysNative\drivers\rzudd.sys
[2013.06.07 05:29:50 | 000,031,232 | ---- | C] (Razer Inc) -- C:\Windows\SysNative\drivers\rzendpt.sys
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.07.05 17:05:01 | 000,020,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 17:05:01 | 000,020,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 17:03:45 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.07.05 17:02:43 | 000,319,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.05 17:02:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.05 16:44:16 | 000,247,991 | ---- | M] () -- C:\Users\***\Desktop\b.png
[2013.07.05 16:43:48 | 000,170,356 | ---- | M] () -- C:\Users\***\Desktop\a.png
[2013.07.05 16:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.05 16:36:02 | 000,377,856 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe
[2013.07.05 16:35:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.05 16:34:56 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.07.05 13:11:11 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.07.05 13:10:35 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.05 13:10:35 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.05 13:10:35 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.05 13:10:35 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.05 13:10:35 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.01 11:38:40 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.29 15:35:49 | 829,649,087 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.06.24 13:20:22 | 000,768,000 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdevicedll.dll
[2013.06.23 14:06:53 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.06.23 14:06:53 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.06.23 14:06:34 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.06.21 14:06:36 | 000,021,578 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.06.20 06:17:49 | 003,253,909 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.06.17 08:43:32 | 000,154,112 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rztouchdll.dll
[2013.06.17 08:43:32 | 000,056,832 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdevinfo.dll
[2013.06.17 08:43:28 | 000,117,248 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzdisplaydll.dll
[2013.06.17 08:43:26 | 000,296,448 | ---- | M] (Razer Inc) -- C:\Windows\SysWow64\rzaudiodll.dll
[2013.06.07 05:29:52 | 000,126,464 | ---- | M] (Razer Inc) -- C:\Windows\SysNative\drivers\rzudd.sys
[2013.06.07 05:29:50 | 000,031,232 | ---- | M] (Razer Inc) -- C:\Windows\SysNative\drivers\rzendpt.sys
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.07.05 17:03:45 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.07.05 16:44:16 | 000,247,991 | ---- | C] () -- C:\Users\***\Desktop\b.png
[2013.07.05 16:43:48 | 000,170,356 | ---- | C] () -- C:\Users\***\Desktop\a.png
[2013.07.05 16:36:05 | 000,377,856 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe
[2013.07.05 16:35:18 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.02.28 20:21:03 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2013.02.09 15:27:58 | 000,000,067 | ---- | C] () -- C:\Windows\MSCPXLT16.DLL
[2013.01.21 19:23:28 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 03:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 03:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.12.12 21:18:38 | 000,000,283 | ---- | C] () -- C:\Windows\game.ini
[2012.12.03 01:18:17 | 001,873,927 | ---- | C] () -- C:\Users\***\IMG_7298.JPG
[2012.12.03 01:18:17 | 001,829,752 | ---- | C] () -- C:\Users\***\IMG_7273.JPG
[2012.11.27 06:58:24 | 004,316,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012.10.25 23:50:14 | 000,007,609 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.10.15 21:20:01 | 000,000,106 | ---- | C] () -- C:\ProgramData\CameraRecorder.ini
[2012.10.12 16:10:04 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.10.12 16:10:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.09.21 21:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 21:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 21:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.07.03 03:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.06.10 02:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.05.22 01:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012.05.02 08:31:50 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.05.02 08:31:42 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.03.16 15:09:19 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.08 06:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.25 19:07:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.mono
[2013.06.01 12:49:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\aacs
[2012.11.08 09:47:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acronis
[2012.11.11 15:28:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2013.03.20 10:57:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DesktopIconForAmazon
[2012.10.13 19:14:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2012.10.12 15:42:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2013.02.28 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OCS
[2012.11.11 13:47:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2013.02.28 20:21:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2013.06.07 14:36:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Origin
[2013.03.22 15:05:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Wargaming.net
[2012.12.29 19:21:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Win7codecs
========== Purity Check ==========
< End of report >
--- --- ---
--- --- ---
- Hier der Extras.log:
Code:
OTL Extras logfile created on: 05.07.2013 17:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,90 Gb Total Physical Memory | 14,02 Gb Available Physical Memory | 88,15% Memory free
31,80 Gb Paging File | 29,74 Gb Available in Paging File | 93,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 47,81 Gb Free Space | 40,10% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 228,51 Gb Free Space | 49,06% Space Free | Partition Type: NTFS
Computer Name: ***-PC | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03473088-4A8C-4E01-BAB9-8EB38E27EC7E}" = rport=445 | protocol=6 | dir=out | app=system |
"{06741A6E-F0F2-4E84-93A0-73FBDF407B94}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{07CE9F52-5ACC-40E4-92FF-68EB31D8DA69}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B8933D2-2718-42F3-AFF7-78B543E65F26}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{104C2C22-5C6C-4795-964C-C87CF71E62A6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{24CA6872-6773-43DE-920F-7DC0EE9A5502}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2750688E-7E2E-4217-BCF2-301FAAAA7D61}" = lport=137 | protocol=17 | dir=in | app=system |
"{4135CB03-7629-4854-A9D7-B8B9DF3019CD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4E5BF11B-F98E-46FC-A2AA-85DA8125B9E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5F4DFAE6-848F-4579-9761-FF040594249B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FE788A0-8A14-44BF-BAD2-6A989C8CE27C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7AD2D890-541F-400B-9B73-B4D0457CC3E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{89897022-A0E1-46D0-A2CC-44BD36D94BAB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94EF223D-4A41-4C1D-93D1-3F04129266C5}" = rport=138 | protocol=17 | dir=out | app=system |
"{A4420C30-9901-4EB0-B742-6D9326D55642}" = lport=445 | protocol=6 | dir=in | app=system |
"{AFD177BF-B786-4A17-AEF7-D2ADDB635F36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C1A763D9-186D-4B6B-B00C-8E7EC1049D88}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3D4C910-CB44-463C-8A39-436F2A0B386C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C605E59A-827F-42A1-9401-6902D6DBBA6D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CF2880A5-2E39-402C-B29E-035476CD2265}" = rport=139 | protocol=6 | dir=out | app=system |
"{F136B02B-7070-4D24-B48E-A29BECAE5F6E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F5784491-5BAF-4E65-A871-4BC2AE6E335B}" = rport=137 | protocol=17 | dir=out | app=system |
"{F8A5457C-4175-44D8-B105-8ED5EB9719B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FB42D2F0-F40B-446C-AAD7-E6FEC5AE3181}" = lport=138 | protocol=17 | dir=in | app=system |
"{FD0A40A8-8AEA-4670-93C3-142C31D2DC91}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A2E10B-A1A1-43BC-BA21-7B18E922C7E1}" = protocol=6 | dir=in | app=d:\programme\cod4\iw3mp.exe |
"{0D5218E2-27E3-4158-9883-306F4101E55A}" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"{0E46E07D-664E-4BC7-A7AA-786BC2918C41}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{0E4E7A74-9A2E-4C84-AA43-908BC783847F}" = protocol=6 | dir=in | app=d:\programme\mirror's edge\mirrors edge\binaries\mirrorsedge.exe |
"{0F12C145-B4D9-43FE-891D-BB3BEBFDFFC2}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{12E2C4D4-F3C1-4428-AB76-6CF1273D866F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{1383992B-986D-466E-A62E-7A7229B9BB97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{13D0D16F-6B36-417D-B2A6-2A71698A3DAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{147613CD-7E6D-4987-A463-65EE3F558DDF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{17FC4A7B-DEAD-4D72-9ACF-30BDD366D669}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{1922AFE7-6990-4FA3-821E-A2A5FCE60EC6}" = protocol=17 | dir=in | app=d:\programme\remote mouse\remotemouse.exe |
"{1A24F362-AED1-445B-9324-109B8D4E8E2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1F404968-5FA9-46E1-A235-E8D6E4EFC30D}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\coj gunslinger\cojgunslinger.exe |
"{21670E6F-668C-4F87-AF8D-EC41CECBE408}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{235ABD48-AD27-442E-A874-9A413E04B25D}" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"{2826A355-55F4-485F-9147-F483E6380C87}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{28707849-A443-4CA6-9E20-4C203A3ED8E9}" = protocol=17 | dir=in | app=d:\programme\diabloiii\diablo iii\diablo iii.exe |
"{28F30654-AB71-4986-B671-9282E6C51678}" = dir=in | app=d:\programme\powerdvd\powerdvd13\powerdvd13.exe |
"{29AB0D34-76E1-4DCD-A21A-77351E797A68}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2AB285ED-C6D3-42DF-857B-46AA284CADBC}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{2B00711F-0A03-4FF5-9EEA-CE6429D13197}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{2D3119DF-5F3D-4C44-A347-E94937DD4EE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E1191BA-843A-49B6-B933-76AA66CBE2D4}" = protocol=6 | dir=out | app=system |
"{2F0464E3-413F-4D0C-8D5D-9F0521B21CBE}" = protocol=6 | dir=in | app=d:\programme\remote mouse\remotemouse.exe |
"{32557CD0-3137-4DC1-A3A6-20E440A85C15}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{335B6F71-6377-48FE-AC5A-F67D05C5CDFA}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{35C1879C-640B-44C3-9F84-38EA2D928B9B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{35CF4FE8-EF34-4A40-BE0D-44F318600906}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\valtanator\day of defeat source\hl2.exe |
"{371F3D88-79B5-48F2-A149-8959B861FCBE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{37A96AE2-E0C3-45E8-9744-01AF76086859}" = dir=in | app=d:\programme\powerdvd\powerdvd13\kernel\dms\clmsserverpdvd13.exe |
"{390670A1-CF3A-49D3-9AFE-EDFED5F637A1}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{39EE1B30-D6BA-4F96-A55D-689EB092403E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4350A7B7-22C4-4F76-BD90-80B692383B29}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{435F0569-6523-4A6F-A5EF-A667A8D77F40}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\microsoft flight\flight.exe |
"{438F0B70-9031-4337-8FCD-1222030AEFEE}" = dir=in | app=d:\programme\powerdvd\powerdvd13\movie\powerdvd.exe |
"{44A9A8FB-A003-4CEC-98F4-BBEF2533FC47}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{44FCD399-37B4-4989-AD83-62BB2E96B338}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47ECB5A3-B429-4ACF-ACBC-1E73086A4168}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{48EC35DB-07F3-4EEC-9280-83DAF98FD6AF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{496DA949-5A95-460B-8966-7802B6323513}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe |
"{4E61169E-A9A3-40EB-A26F-C00CE96DE6BD}" = dir=in | app=d:\programme\powerdvd\powerdvd13\movie\powerdvd cinema\powerdvdcinema13.exe |
"{4F7EF7F0-B8DD-4A72-9CAC-383746774ACA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F8CCCDD-E999-456C-99CB-613CAE17CA98}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{4FDE7C49-D550-49C3-9DC9-D2AE69C4E470}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{50C83AFD-E217-4B0D-A54F-2FCD0CC047A3}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{52F8CDCF-AFFC-4D78-B615-1F9F2051DA18}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5ED980BF-8E20-45C1-91DB-057EE3138576}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{62BA2184-05F1-4DCB-B7D0-C5307208EFE5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6693CBC8-B631-4D5D-9DFE-E37FC4598585}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{67DC1B87-F18F-4412-A5A3-7C8E5C3D4BD5}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\counter-strike source\hl2.exe |
"{686FBD6F-EA15-4332-B697-1242FE917903}" = dir=in | app=d:\programme\powerdvd\powerdvd13\powerdvd13ml.exe |
"{6FB474B9-0AB8-414F-9C3B-7A43539FEEF3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{6FF74962-20EB-485C-AE54-06B8A0CC874C}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{705E46C9-AD42-4917-98F1-D24D2753655F}" = protocol=17 | dir=in | app=d:\programme\battlefield 1942\battlefield 1942\bf1942.exe |
"{75C7BB7A-499C-4E8F-A073-647DA9CF5CB2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{778B4307-7078-48B6-A65B-62B5BE4FFF5C}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\valtanator\day of defeat source\hl2.exe |
"{7D9C5CFD-9C96-4D65-B6EA-DF439F07B9CD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{80D193C2-1842-48A0-BBFC-75C0D7E3FDEE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{815A1262-3314-4078-90B4-7EB6AD807F0D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{843D3123-B922-4757-B675-9D484973B014}" = protocol=17 | dir=in | app=d:\programme\mirror's edge\mirrors edge\binaries\mirrorsedge.exe |
"{84BF6008-F3F4-47E2-B099-9578E56E6223}" = protocol=17 | dir=in | app=d:\programme\battlefield 2\battlefield 2 complete collection\bf2.exe |
"{85999D68-0DA0-4671-BF1F-207B940FB27F}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\coj gunslinger\cojgunslinger.exe |
"{89097A93-BDE0-4F88-AC0D-2FFA8C181D1A}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9159FBE1-B811-4AE1-94AC-21C0A3952E21}" = protocol=6 | dir=in | app=d:\programme\battlefield 3\battlefield 3\bf3.exe |
"{9B0EEDEB-1033-4439-B730-53F310C5EC51}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9D2A6309-0150-4E09-913F-DE10F79B01B1}" = dir=in | app=d:\programme\powerdvd\powerdvd13\powerdvd13agent.exe |
"{9E11C787-52F5-4BAB-809B-24F894244D9F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{A4C464D7-73EB-41CD-85D3-10BD705DC2F6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A6DE2937-6D97-4278-9FB2-977386DE5750}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A8A67CC9-4567-4089-9EFD-A7365E7A330B}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\counter-strike source\hl2.exe |
"{A952BACD-BB57-4F83-85AA-EAFAE0443B19}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{AE5B59E7-1E21-4157-BD3C-FE9047BDE292}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{AFFE1D22-3032-417B-A6CF-85BBD4F62153}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B0104626-3ED4-4F72-9BEB-C2BC91FD44DE}" = dir=in | app=d:\programme\itunes\itunes.exe |
"{B0A4DA33-968E-4B56-AB92-786F4768F030}" = protocol=6 | dir=in | app=d:\programme\battlefield 2\battlefield 2 complete collection\bf2.exe |
"{B98322E4-C4B5-4A60-A25D-0759D0844A2C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{BB8710EC-52AF-40F0-BF29-FEAB8B6F7DA4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BD32619A-8C31-4902-82B7-BF288DCCCD56}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD65EBCD-D2A8-4942-8A54-845A83767C53}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{BF2F971C-663F-4AAD-85BC-2BE0F4998610}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
"{C2436198-11B1-4FAB-BFC2-589A0F2CC89D}" = protocol=17 | dir=in | app=d:\programme\cod4\iw3mp.exe |
"{C4CC98A1-C18D-4DAB-8F17-9EAFF6297628}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{C6CF624A-DEF2-4ACA-93F3-86D1222BFE6A}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{C78D47C9-D61C-4429-A2EA-AE6F30AE78F3}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{C82CD548-AD17-47BF-BD39-103FF31B3DB1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{CAED837B-C17F-4CB0-B019-942B54D1FB1D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CFBE0B05-845E-4D2A-8511-BC809B3C857C}" = dir=in | app=d:\programme\skype\phone\skype.exe |
"{CFFE5100-6EBE-4686-93E6-9D3EA11AAA2C}" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{D03BE9D3-8546-47F2-8A21-1D177B32E8F7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0B8E503-73BF-48C6-8690-C804D5E15E74}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DAF37E5D-41CD-4C58-86B0-82CBDCD1F88F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DB2AF483-2312-48E3-B671-6893001C1699}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{DBC68980-F600-426D-9C96-096F641750BE}" = protocol=17 | dir=in | app=d:\programme\battlefield 3\battlefield 3\bf3.exe |
"{DFB8D3AB-934F-4B35-A878-0B959816B79F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{E1136955-D98D-42B3-A06D-F2A30E1545BE}" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\microsoft flight\flight.exe |
"{E12AF101-A697-4F47-85B4-AB1F45AA92B9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E18BFCF6-0B66-4CF0-87DF-5EF5CD8562FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2A07B1C-A5C6-44AF-8510-7413E79A0BDE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EB8E121F-C6C8-4224-AE7E-DC568F262D8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EBC7B563-F7B7-4266-AB8E-0C4BEA73D191}" = dir=in | app=d:\programme\powerdvd\powerdvd13\kernel\dmr\powerdvd13dmrengine.exe |
"{ED716F58-40AD-4430-93F5-D3ADAD35F0B1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EF31764E-4464-4161-8C36-786AC7FD51C6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{F28127D0-AC88-4BBA-A753-D43180CF15FD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F2CF9549-555C-43E1-B555-115A4C698942}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F2DAE717-FEF5-4237-85AC-9CA22DF8BE2F}" = protocol=6 | dir=in | app=d:\programme\diabloiii\diablo iii\diablo iii.exe |
"{F79082F2-486D-4F67-91D3-F3FE1CF0257E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{FE8655A5-77F3-4CF2-A265-1AD905452F11}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{FF36BDA8-2AE5-4409-9181-9D31B7AF7E60}" = protocol=6 | dir=in | app=d:\programme\battlefield 1942\battlefield 1942\bf1942.exe |
"TCP Query User{2B7BBEB9-FBCA-4259-89C7-CA6824FC10EC}D:\programme\dcuni\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=d:\programme\dcuni\unreal3\binaries\win32\dcgame.exe |
"TCP Query User{5A51D669-F49D-47A6-B0D8-2B21994E0705}D:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"TCP Query User{7F8B84DA-B44C-47AC-A006-8379B76D2D5D}D:\programme\world of tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\programme\world of tanks\wotlauncher.exe |
"TCP Query User{8ED2A39F-9A0C-4241-8B67-2AB8DEB36DC3}D:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{A30F3BD5-62FD-4458-ABF2-D25280FDE1BC}D:\programme\battlefield 3\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=d:\programme\battlefield 3\battlefield 3\bf3.exe |
"TCP Query User{BB489543-A604-469E-975D-5537370D16F3}D:\programme\steam\steam.exe" = protocol=6 | dir=in | app=d:\programme\steam\steam.exe |
"TCP Query User{C2A70D19-8BFA-4D33-B2AC-64D6BCA4B509}D:\programme\world of tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\programme\world of tanks\worldoftanks.exe |
"TCP Query User{D5BC0413-B4A2-434F-8FEB-AABC335AEDC6}C:\users\pingchanger\appdata\local\temp\978d.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\pingchanger\appdata\local\temp\978d.tmp\kmservice.exe |
"TCP Query User{DE32F410-697A-427D-95B1-F66267DB0378}D:\programme\dcuni\unreal3\binaries\win32\dcgame.exe" = protocol=6 | dir=in | app=d:\programme\dcuni\unreal3\binaries\win32\dcgame.exe |
"TCP Query User{F268A570-A7A7-4C22-A245-43B8BADA8808}D:\programme\diabloiii\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=d:\programme\diabloiii\diablo iii\diablo iii.exe |
"UDP Query User{16A8F970-FBDC-4250-9411-F2B3FD928E0F}D:\programme\battlefield 3\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=d:\programme\battlefield 3\battlefield 3\bf3.exe |
"UDP Query User{2966E36B-F30B-46B0-B669-93A612EF6F9B}D:\programme\dcuni\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=d:\programme\dcuni\unreal3\binaries\win32\dcgame.exe |
"UDP Query User{30071878-F4C9-4CCA-9930-930804C5A185}D:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{4541C202-2C2D-42AF-8924-01D989E004D2}D:\programme\dcuni\unreal3\binaries\win32\dcgame.exe" = protocol=17 | dir=in | app=d:\programme\dcuni\unreal3\binaries\win32\dcgame.exe |
"UDP Query User{45EE31E5-60EE-4C68-B1D2-7E6D4CB0006E}D:\programme\world of tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\programme\world of tanks\worldoftanks.exe |
"UDP Query User{4DDB2AD3-38DA-4FEF-A25D-BB50F2FB310E}D:\programme\world of tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\programme\world of tanks\wotlauncher.exe |
"UDP Query User{A32BA324-8BF5-482F-85F0-0E3D921D092B}D:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=d:\programme\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{BC4816F0-40B5-446B-8970-C87A2C960AF1}D:\programme\diabloiii\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=d:\programme\diabloiii\diablo iii\diablo iii.exe |
"UDP Query User{CEFFB015-70ED-4591-99F2-70806DCE0E35}D:\programme\steam\steam.exe" = protocol=17 | dir=in | app=d:\programme\steam\steam.exe |
"UDP Query User{FF8E4CA5-16EF-4867-A7FD-472C39866AAA}C:\users\pingchanger\appdata\local\temp\978d.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\pingchanger\appdata\local\temp\978d.tmp\kmservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417015FF}" = Java 7 Update 15 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C74FB740-D02E-40EA-A09E-B19FC74F324F}" = Microsoft Deployment Toolkit 2012 Update 1 (6.1.2373.0)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"845E564BAE975482FB7B778B84AD2938C9534679" = Windows-Treiberpaket - Intel (NETwNs64) net (11/29/2011 15.0.0.75)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SearchAnonymizer" = SearchAnonymizer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1" = Remote Mouse version 2.00
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1104E2E0-9378-455d-9E0E-6235A4E52DB0}_is1" = ArchLord
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}" = Camera Recorder
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E948B551-08DB-4163-8995-8C43B03D1B19}" = maxdome Download Manager 4.1.300.78
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F89D78D1-FCCF-41B2-B3BC-A6CB836DD85F}" = Extron Electronics - EDID Manager
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}" = CyberLink PowerDVD 13
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mobile Partner" = Mobile Partner
"Monitor Asset Manager" = Monitor Asset Manager
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"Prüfungsfragen-CD_is1" = Prüfungsfragen-CD Version 1.8
"PunkBusterSvc" = PunkBuster Services
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 204450" = Call of Juarez Gunslinger
"Steam App 240" = Counter-Strike: Source
"Steam App 32430" = Star Wars: The Force Unleashed Ultimate Sith Edition
"Steam App 49520" = Borderlands 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"VLC media player" = VLC media player 2.0.6
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3473684151-3593769556-3048624947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"SOE-DC Universe Online Live" = DC Universe Online Live
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.06.2013 05:38:03 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2013 10:39:04 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.06.2013 15:04:06 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.06.2013 07:07:09 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.06.2013 11:58:37 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm Origin.exe, Version 9.2.1.4399 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1bdc Startzeit:
01ce6e97fd13fed7 Endzeit: 10 Anwendungspfad: D:\Programme\Origin\Origin.exe Berichts-ID:
5264e2e0-da8b-11e2-8100-8c89a5042764
Error - 21.06.2013 12:00:13 | Computer Name = ***-PC | Source = Application Hang | ID = 1002
Description = Programm Origin.exe, Version 9.2.1.4399 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1a48 Startzeit:
01ce6e985220a234 Endzeit: 9 Anwendungspfad: D:\Programme\Origin\Origin.exe Berichts-ID:
a65563b4-da8b-11e2-8100-8c89a5042764
Error - 22.06.2013 02:24:34 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.06.2013 03:58:38 | Computer Name = ***-PC | Source = MsiInstaller | ID = 11609
Description =
Error - 23.06.2013 03:59:58 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.06.2013 23:33:51 | Computer Name = ***-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 29.06.2013 08:43:23 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 29.06.2013 09:35:52 | Computer Name = ***-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?06.?2013 um 15:34:23 unerwartet heruntergefahren.
Error - 29.06.2013 09:35:53 | Computer Name = ***-PC | Source = BugCheck | ID = 1001
Description =
Error - 29.06.2013 09:37:27 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 29.06.2013 11:10:35 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 29.06.2013 17:05:05 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 30.06.2013 06:42:29 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 30.06.2013 07:06:32 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 30.06.2013 09:21:43 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
Error - 30.06.2013 11:00:52 | Computer Name = ***-PC | Source = bowser | ID = 8003
Description =
< End of report >
--- --- ---
Nach dem zweiten Neustart wollte ich die gmer.exe als Administrator ausführen. Dies hat auch noch soweit geklappt. Als ich dann die notwendigen Einstellungen getroffen habe und Scannen wollte, ist das Programm nach einiger Zeit abgestürzt.
Mir ist aufgefallen, dass mein Antivir wieder eingeschaltet war und wollte es somit nochmal deaktivieren. Hat nicht funktioniert. 2 Screenshots habe ich angehängt. Anhang 57493 Anhang 57494 |
Bitte lesen:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
