| |
| |||||||
Log-Analyse und Auswertung: Internetseiten verhalten sich seltsam.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.07.2012, 21:06
| #1 |
| |  Internetseiten verhalten sich seltsam. Seit nun zwei Tagen verhält sich mein Internet seltsam.. Zuerst war es aus unerfindlichen Gründen Extrem langsam (1Mbit/10Mbit normal). Mein router zeigte mir allerdings die normale Geschwindigkeit an (10 Mbit). Über Nacht ist das Geschwindigkeitsproblem verschwunden aber seit einem Tag danach werden Seiten manchmal einfach nicht korrekt geladen. Dies äußert sich doch Content der nicht auftaucht, oder Bilder die nicht angezeigt werden. Seiten einen Ladebalken noch anzeigen obwohl sie Garnichts runterladen (laut NetLimiter). Das Verhalten ist bei jedem Browser gleich (getestet mit Chrome und Firefox) Manche seiten lassen sich überhaupt nicht aufrufen (auch nicht anpingen) Wenn ich die Seiten per Proxy (vtunnel) aufrufe habe ich keinerlei Probleme. Habe bereits einmal Kaspersky durchlaufen lasse, hat nichts gefunden... OTL-Extras Code:
ATTFilter OTL Extras logfile created on: 06.07.2012 21:57:18 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = F:\Download
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,98 Gb Total Physical Memory | 13,65 Gb Available Physical Memory | 85,42% Memory free
15,98 Gb Paging File | 13,59 Gb Available in Paging File | 85,07% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 13,62 Gb Free Space | 12,20% Space Free | Partition Type: NTFS
Drive E: | 341,80 Gb Total Space | 250,63 Gb Free Space | 73,33% Space Free | Partition Type: NTFS
Drive F: | 1521,09 Gb Total Space | 803,34 Gb Free Space | 52,81% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 69,53 Mb Free Space | 69,53% Space Free | Partition Type: NTFS
Drive P: | 601,80 Mb Total Space | 430,58 Mb Free Space | 71,55% Space Free | Partition Type: FAT32
Computer Name: MARGUTH | User Name: MisterX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B85A072-AA69-4CC6-8133-0F9D7EB72A1C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2763DA6D-445A-418D-8A78-71FE23F9A216}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{2A31BCDB-FB44-4CDD-8558-DECEDE5E1280}" = rport=139 | protocol=6 | dir=out | app=system |
"{329D1BF5-D628-4632-934D-1F2F3321D892}" = lport=137 | protocol=17 | dir=in | app=system |
"{33BD363B-966A-43BB-903E-C3D6174A1545}" = rport=445 | protocol=6 | dir=out | app=system |
"{4BEC4E07-91DF-4DCF-9200-A3134F68E498}" = lport=139 | protocol=6 | dir=in | app=system |
"{5180FDF8-E299-4B52-B768-CD3F9530F212}" = rport=137 | protocol=17 | dir=out | app=system |
"{53ABB748-7E13-418D-81E2-BDC8FF376700}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8ACD5A81-4547-42FE-B0CF-973378597BD6}" = lport=445 | protocol=6 | dir=in | app=system |
"{93DD3B1D-822D-4837-856D-B605928AC8E5}" = lport=138 | protocol=17 | dir=in | app=system |
"{B3AB445E-71CA-45B7-84C3-A354A470415A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BE630631-981A-4F79-A691-851EB20315BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BE773885-A1D1-4A50-A778-29E02165C3B4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C4B3EB38-9D8A-4156-A817-EB3326343F07}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043E1120-75C2-4C44-BFC3-11BC6B070F83}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0B34963C-6E4D-4FA1-929D-FA8E0715C209}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{0E743925-942F-4100-9D9F-3479A28C0965}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0FBDA598-B171-4FDF-8CF2-9DFC9B433CB3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{116BBC20-D786-4BD4-8922-24E7B42F0C03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{11BD2BD5-6007-47A1-A631-D78952759DDE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{190838F6-E820-418A-9027-B56A727CB3C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{196E29A0-0F74-4DCB-9A25-64D5CE613FAD}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{1B27ACCA-E99B-4BEC-AECB-A3C6B9CBC77C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{21B017CD-8B56-41A6-926C-E17E69C1DEBC}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{226EFEB0-75AF-464A-9746-DBEEB0B14464}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{228A92A6-3D99-453D-8B32-18FC42204F30}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{346B464B-033B-4C9F-9AC2-22BDD3B6CF7C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3B10B0BB-4AF1-4535-AD8B-2E8A0632E779}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{3E5EA053-54C8-41BC-9DB5-C60037573A94}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{3F7048A7-5B5D-4FFB-97F8-A462A134AC5B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{4A6F9F2D-6307-4417-8142-F67FCF6470C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4B13354A-54B2-4E2D-A27D-34514C4B6659}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{4B607A92-6839-4DF4-8827-F406DACD361F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{4D541BD6-588A-4CFB-AF8D-6199215B0567}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{4D6D0831-39E7-49FD-9711-1318A4006371}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{50AEAFDC-CFFC-4F0E-95F4-C29C1CB0AE05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6120C8E8-96E9-44E0-ABD8-1EA9CB50FA3C}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{632BF92D-4427-4363-A2BC-FBB702E58BC9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{644988C3-C9F0-4571-8426-E5B065E6B0C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{655F0D09-B44D-48BB-B174-C6D18EB7F39F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{666EC854-9F99-4A1B-808B-5DB12E081F14}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{6924403B-B655-4387-9369-0429F11FD24E}" = protocol=6 | dir=in | app=e:\the secret world\clientpatcher.exe |
"{7020121D-E907-4C0C-953B-96E75B1305F8}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{7B75663B-79F0-4540-AF60-0258087005D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7E1D8C8A-0B09-4300-AABD-D9EC8982A4C8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7EEC309C-27FC-48D9-AD32-58F16A69FE83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{80A78DF9-6F32-422E-80A4-754B83634E88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\docs\ea help\electronic_arts_technical_support.htm |
"{81E6C6C9-2218-40CF-BD05-FA15B7B1FD4E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{91E8DB96-6D27-4F96-B30F-39688231D0D5}" = protocol=17 | dir=in | app=e:\the secret world\clientpatcher.exe |
"{967CF180-43FB-4757-B29F-60F0CB154E20}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9F826C2D-C8BF-4C45-8B8D-750E56045C10}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A29EBD4F-5747-48F1-B5EF-B82C531724DA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A4926D31-10CA-4676-A283-DEDC9109A514}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{AA0C7B1B-DB7A-4F3C-BDD9-4A2E0E6B479A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"{BCEB7A7C-61A3-410A-9CFA-D0973037592A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe |
"{C29FD72E-9848-47DA-BD50-FF795BD22B3C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C38F9C33-C7F0-455D-AA2D-25AEC743D1CE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{D1C45D17-28BC-45F3-9EB9-D05AB0F760A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{D2D09637-C29B-42A3-BC40-F78CF1A6B560}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{E19B5094-836B-4FBA-BB3C-015BF0917C12}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E904FB05-0FED-4CEC-856A-DEC9BFDCAC01}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{EC6EF2A5-FE7A-41A0-907E-4DF2D8C780E2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EDEA6AC7-E1F4-49B9-B5D5-0BB07B7310C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{F7EAD8CD-EAA9-42D8-AA6F-478325C96E27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{F832B6ED-E9AD-4D7C-84C2-64CB19CB4C06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mount & blade with fire and sword\mb_wfas.exe |
"{FC1DA672-C2B0-4918-A19A-438EDDAE6F20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect\binaries\masseffect.exe |
"TCP Query User{8AF310CA-68A4-4DFB-87C9-391E4521098B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{EE104D96-F9ED-49EC-863B-2299BD43D2E4}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FF5C7C9-86CC-41ED-B93B-0B51AB4FED24}" = VmciSockets
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90899269-554B-4672-9F8D-4A2A0D0AF5B5}" = Intel(R) Network Connections 16.5.2.0
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 304.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 304.48
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BC39713D-B14D-4BB0-9663-BC9F7B8AB1F2}" = O&O Defrag Professional
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"ArchiCrypt Ultimate RAM-Disk3_is1" = ArchiCrypt Ultimate RAM-Disk 3 Version 3.0.7.2618
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.58
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"ProgDVB" = ProgDVB
"PROSetDX" = Intel(R) Network Connections 16.5.2.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
"Zune" = Zune
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.0.0
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018303}" = Fable III
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}" = Razer DeathAdder(TM) Mouse
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Afterburner" = MSI Afterburner 2.1.0
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio-Systemsteuerung
"AutoHotkey" = AutoHotkey 1.0.48.05
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.7.0
"MagniDriver" = marvell 91xx console driver
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 200210" = Realm of the Mad God
"Steam App 202480" = Creation Kit
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"The Secret World_is1" = The Secret World
"VMware_Player" = VMware Player
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.6.5
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.07.2012 19:38:02 | Computer Name = Marguth | Source = VSS | ID = 13
Description =
Error - 03.07.2012 19:38:02 | Computer Name = Marguth | Source = VSS | ID = 8193
Description =
Error - 03.07.2012 19:38:02 | Computer Name = Marguth | Source = System Restore | ID = 8193
Description =
Error - 04.07.2012 16:00:05 | Computer Name = Marguth | Source = Windows Search Service | ID = 1019
Description =
Error - 05.07.2012 15:39:42 | Computer Name = Marguth | Source = VSS | ID = 13
Description =
Error - 05.07.2012 15:39:42 | Computer Name = Marguth | Source = VSS | ID = 8193
Description =
Error - 05.07.2012 15:39:42 | Computer Name = Marguth | Source = System Restore | ID = 8193
Description =
Error - 06.07.2012 13:50:53 | Computer Name = Marguth | Source = VSS | ID = 13
Description =
Error - 06.07.2012 13:50:53 | Computer Name = Marguth | Source = VSS | ID = 8193
Description =
Error - 06.07.2012 13:50:53 | Computer Name = Marguth | Source = System Restore | ID = 8193
Description =
[ NetLimiter 3 Events ]
Error - 12.05.2012 07:40:34 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 13.05.2012 07:11:29 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 14.05.2012 11:19:53 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 15.05.2012 11:52:10 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 15.05.2012 15:12:39 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2160</err-code> <module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
Error - 15.05.2012 15:12:40 | Computer Name = Marguth | Source = NetLimiter 3 Client | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80004005'>Unbekannter
Fehler</hresult> <module>NetLimiter.PlgLib.NVNode.1055</module> </nl-error> <nl-error>
<err-code>2160</err-code>
<module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
Error - 15.05.2012 15:12:43 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2160</err-code> <module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
Error - 15.05.2012 15:12:43 | Computer Name = Marguth | Source = NetLimiter 3 Client | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80004005'>Unbekannter
Fehler</hresult> <module>NetLimiter.PlgLib.NVNode.1055</module> </nl-error> <nl-error>
<err-code>2160</err-code>
<module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
Error - 15.05.2012 15:23:41 | Computer Name = Marguth | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2160</err-code> <module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
Error - 15.05.2012 15:23:41 | Computer Name = Marguth | Source = NetLimiter 3 Client | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80004005'>Unbekannter
Fehler</hresult> <module>NetLimiter.PlgLib.NVNode.1055</module> </nl-error> <nl-error>
<err-code>2160</err-code>
<module>NetLimiter.Security.204</module>
<desc>NetLimiter
registration or trial period expired.</desc> </nl-error> </nl-error-list>
[ System Events ]
Error - 29.06.2012 19:58:56 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 03.07.2012 01:43:41 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 03.07.2012 14:56:28 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 03.07.2012 16:05:53 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 04.07.2012 01:43:24 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 05.07.2012 01:48:51 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 06.07.2012 01:59:27 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 06.07.2012 14:30:26 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 06.07.2012 15:54:07 | Computer Name = Marguth | Source = Service Control Manager | ID = 7043
Description = Der Dienst ArchiCrypt Ultimate RAM-Disk 3 - Realisiert RAM-Disk konnte
nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren
werden.
Error - 06.07.2012 15:55:05 | Computer Name = Marguth | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
< End of report >
Otl.txt Code:
ATTFilter OTL logfile created on: 06.07.2012 21:57:18 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = F:\Download 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,98 Gb Total Physical Memory | 13,65 Gb Available Physical Memory | 85,42% Memory free 15,98 Gb Paging File | 13,59 Gb Available in Paging File | 85,07% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,69 Gb Total Space | 13,62 Gb Free Space | 12,20% Space Free | Partition Type: NTFS Drive E: | 341,80 Gb Total Space | 250,63 Gb Free Space | 73,33% Space Free | Partition Type: NTFS Drive F: | 1521,09 Gb Total Space | 803,34 Gb Free Space | 52,81% Space Free | Partition Type: NTFS Drive G: | 100,00 Mb Total Space | 69,53 Mb Free Space | 69,53% Space Free | Partition Type: NTFS Drive P: | 601,80 Mb Total Space | 430,58 Mb Free Space | 71,55% Space Free | Partition Type: FAT32 Computer Name: MARGUTH | User Name: MisterX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.06 21:56:50 | 000,595,968 | ---- | M] (OldTimer Tools) -- F:\Download\OTL.exe PRC - [2012.04.21 19:21:30 | 000,876,032 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin\ClickClean.exe PRC - [2012.02.25 12:42:53 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.01.18 16:11:40 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2012.01.18 16:11:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe PRC - [2011.03.27 11:56:38 | 001,567,160 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) -- C:\RAM-Disk 3\ACUltimateRamDisk.exe PRC - [2011.03.21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe PRC - [2011.02.15 13:20:22 | 000,364,544 | ---- | M] () -- C:\MSI Afterburner\MSIAfterburner.exe PRC - [2011.02.07 06:14:24 | 000,143,360 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTSS.exe PRC - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe PRC - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe PRC - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe PRC - [2010.04.27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe PRC - [2010.02.12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2007.12.19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe ========== Modules (No Company Name) ========== MOD - [2012.04.21 19:21:30 | 000,876,032 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin\ClickClean.exe MOD - [2012.02.15 07:03:36 | 000,429,040 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll MOD - [2012.02.15 07:03:34 | 003,772,912 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll MOD - [2012.02.15 07:02:10 | 000,122,880 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll MOD - [2012.02.15 07:02:08 | 000,220,672 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll MOD - [2012.02.15 07:02:07 | 001,747,456 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll MOD - [2012.02.15 04:00:24 | 008,593,568 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll MOD - [2012.02.15 04:00:24 | 008,593,568 | ---- | M] () -- C:\Users\MisterX\AppData\Local\Google\Chrome\APPLIC~1\170963~1.56\gcswf32.dll MOD - [2011.04.14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe MOD - [2011.03.21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe MOD - [2011.02.15 13:20:22 | 000,364,544 | ---- | M] () -- C:\MSI Afterburner\MSIAfterburner.exe MOD - [2011.02.15 13:20:08 | 000,061,440 | ---- | M] () -- C:\MSI Afterburner\RTMUI.dll MOD - [2011.02.15 13:20:02 | 000,278,528 | ---- | M] () -- C:\MSI Afterburner\RTHAL.dll MOD - [2011.02.15 13:19:44 | 000,229,376 | ---- | M] () -- C:\MSI Afterburner\RTCore.dll MOD - [2011.02.15 13:19:30 | 000,147,456 | ---- | M] () -- C:\MSI Afterburner\RTUI.dll MOD - [2011.02.15 13:19:20 | 000,061,440 | ---- | M] () -- C:\MSI Afterburner\RTFC.dll MOD - [2011.02.07 06:14:24 | 000,143,360 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTSS.exe MOD - [2011.02.07 06:14:22 | 000,061,440 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTMUI.dll MOD - [2011.02.07 06:14:18 | 000,081,920 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll MOD - [2011.02.07 06:14:16 | 000,147,456 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTUI.dll MOD - [2011.02.07 06:14:14 | 000,061,440 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTFC.dll MOD - [2010.07.27 06:37:16 | 000,013,312 | ---- | M] () -- C:\MSI Afterburner\RTTSH.dll MOD - [2010.07.27 06:37:16 | 000,013,312 | ---- | M] () -- C:\MSI Afterburner\Bundle\OSDServer\RTTSH.dll MOD - [2010.04.27 14:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.02.21 12:21:14 | 000,437,208 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\SysNative\ACRAMDiskHandlerService64RD3.exe -- (ArchiCrypt Ultimate RAM-Disk 3) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.06.23 21:26:51 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.19 22:55:28 | 000,529,232 | ---- | M] (Valve Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.25 12:42:53 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.01.18 16:11:40 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2012.01.18 16:11:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2012.01.18 13:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.12.25 22:27:59 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2011.12.22 00:39:41 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2011.11.17 19:20:58 | 003,273,552 | ---- | M] (O&O Software GmbH) [Auto | Running] -- E:\Defrag\oodag.exe -- (OODefragAgent) SRV - [2011.08.29 22:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2011.08.16 21:04:35 | 001,038,088 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV - [2011.08.16 21:04:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.08.05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2011.08.05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm) SRV - [2011.08.05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2011.04.01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011.03.21 17:19:16 | 001,845,248 | ---- | M] (Locktime Software) [Auto | Running] -- E:\NetLimiter\nlsvc.exe -- (nlsvc) SRV - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe -- (asHmComSvc) SRV - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc) SRV - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) SRV - [2009.03.30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS) SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.03.21 20:06:27 | 000,053,600 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GsRamDsk.sys -- (GsRamDsk) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.18 16:11:56 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2012.01.18 16:11:08 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2012.01.18 16:10:38 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2012.01.18 13:06:00 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2012.01.18 13:06:00 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2011.08.29 22:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2011.07.20 10:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2011.04.26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.04.01 05:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C510(UVC) DRV:64bit: - [2011.03.21 17:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisPT) DRV:64bit: - [2011.03.21 17:44:30 | 000,033,416 | ---- | M] (Locktime Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nlndis.sys -- (NLNdisMP) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.21 12:21:12 | 000,024,536 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ACMoFlex64RD3.sys -- (ACMoFlex64RD3) DRV:64bit: - [2010.12.10 13:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.12.10 13:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.01 00:16:34 | 000,013,312 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms) DRV:64bit: - [2010.09.22 19:58:06 | 000,063,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE) DRV:64bit: - [2010.08.27 19:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:64bit: - [2010.08.17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT) DRV:64bit: - [2010.08.10 10:38:49 | 000,050,056 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:64bit: - [2010.08.10 10:38:49 | 000,022,792 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:64bit: - [2010.08.10 10:38:39 | 000,171,016 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0CCB.sys -- (SaiK0CCB) DRV:64bit: - [2010.08.10 10:38:39 | 000,041,096 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiU0CCB.sys -- (SaiU0CCB) DRV:64bit: - [2010.07.07 22:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k) DRV:64bit: - [2010.07.07 22:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:64bit: - [2010.07.07 22:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2010.07.07 22:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2010.07.07 22:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2010.07.07 22:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2010.07.07 22:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV:64bit: - [2010.07.07 22:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2010.07.07 22:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS) DRV:64bit: - [2010.07.07 22:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX) DRV:64bit: - [2010.07.07 22:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS) DRV:64bit: - [2010.07.07 22:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT) DRV:64bit: - [2010.07.07 22:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS) DRV:64bit: - [2010.07.07 22:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT) DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.03.30 11:09:50 | 000,653,312 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA) DRV:64bit: - [2010.03.25 17:52:26 | 000,154,880 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM) DRV:64bit: - [2010.03.23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV - [2011.03.21 17:44:28 | 000,088,200 | ---- | M] (Locktime Software) [Kernel | System | Running] -- E:\NetLimiter\nltdi.sys -- (nltdi) DRV - [2010.05.27 02:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 C3 81 1F 7F B2 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..network.proxy.ftp: "213.246.52.37" FF - prefs.js..network.proxy.ftp_port: 3129 FF - prefs.js..network.proxy.http: "213.246.52.37" FF - prefs.js..network.proxy.http_port: 3129 FF - prefs.js..network.proxy.socks: "213.246.52.37" FF - prefs.js..network.proxy.socks_port: 3129 FF - prefs.js..network.proxy.ssl: "213.246.52.37" FF - prefs.js..network.proxy.ssl_port: 3129 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.09 00:57:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.25 12:33:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 22:53:48 | 000,000,000 | ---D | M] [2011.03.30 23:00:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MisterX\AppData\Roaming\mozilla\Extensions [2012.07.05 21:07:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MisterX\AppData\Roaming\mozilla\Firefox\Profiles\y07ph9cp.default\extensions [2012.05.31 12:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.23 21:15:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.02.25 12:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions [2012.03.24 22:53:44 | 000,080,872 | ---- | M] () (No name found) -- C:\USERS\MisterX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y07PH9CP.DEFAULT\EXTENSIONS\{9C51BD27-6ED8-4000-A2BF-36CB95C0C947}.XPI [2012.01.05 20:53:15 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\MisterX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y07PH9CP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.02.25 12:33:56 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.09.16 21:24:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.16 21:16:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.09.16 21:24:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.09.16 21:24:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.09.16 21:24:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.16 21:24:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Disabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll CHR - plugin: Mixesoft Click&Clean Plug-In (Enabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npccch32.dll CHR - plugin: Bitdefender QuickScan (Enabled) = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npqscan.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Dev HTTP Client = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm\0.6.4.4_0\ CHR - Extension: YouTube = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Click&Clean = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\ CHR - Extension: AdBlock = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\ CHR - Extension: Disconnect = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\3.4.0_0\ CHR - Extension: Skype Click to Call = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\MisterX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4:64bit: - HKLM..\Run: [OODefragTray] E:\Defrag\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe () O4 - HKCU..\Run: [ACRAMDisk] C:\RAM-Disk 3\ACUltimateRamDisk.exe (Softwareentwicklung Remus - ArchiCrypt) O4 - HKCU..\Run: [NetLimiter] E:\NetLimiter\NLClientApp.exe (Locktime Software) O4 - Startup: C:\Users\MisterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA_Inspector_MultiDisplayPowerSaver.lnk = C:\Users\MisterX\Desktop\nvidiaInspector\nvidiaInspector.exe (Orbmu2k) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{283FB941-AD19-4053-B202-19BFEFCE7095}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{003d6f82-b20d-11e0-b736-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{003d6f82-b20d-11e0-b736-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Ctrun\Start.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.04 21:24:02 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Local\Chromium [2012.07.03 20:28:57 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Local\Funcom [2012.07.03 20:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Funcom [2012.07.03 20:28:51 | 000,000,000 | ---D | C] -- C:\The Secret World [2012.07.01 22:53:22 | 000,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RICHTX32.OCX [2012.07.01 22:53:22 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX [2012.07.01 22:53:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wecker für Windows [2012.06.26 18:36:08 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Local\SIX_Projects [2012.06.24 02:33:23 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Roaming\six-zsync [2012.06.24 02:33:23 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Roaming\six-updater [2012.06.24 02:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects [2012.06.24 02:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects [2012.06.24 02:27:35 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Local\ArmA 2 OA [2012.06.24 02:25:01 | 000,000,000 | ---D | C] -- C:\Users\MisterX\Documents\ArmA 2 [2012.06.24 02:25:01 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Local\ArmA 2 [2012.06.24 02:25:00 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.06.24 02:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.06.23 03:50:03 | 000,000,000 | ---D | C] -- C:\Users\MisterX\AppData\Roaming\LolClient2 [2012.06.23 03:11:42 | 000,000,000 | ---D | C] -- C:\League of Legends [2012.06.22 20:21:43 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.22 20:21:43 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.22 20:21:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.22 20:21:42 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.22 20:21:42 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.22 20:21:42 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.22 20:21:41 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.22 20:21:41 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.06.20 20:32:02 | 026,238,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.06.20 20:32:02 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.06.20 20:32:02 | 019,834,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.06.20 20:32:02 | 018,231,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.06.20 20:32:02 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.06.20 20:32:02 | 014,744,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.06.20 20:32:02 | 012,349,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012.06.20 20:32:02 | 009,048,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.06.20 20:32:02 | 007,586,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.06.20 20:32:02 | 002,743,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.06.20 20:32:02 | 002,572,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.06.20 20:32:02 | 002,215,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.06.20 20:32:02 | 001,864,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.06.20 20:32:02 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.06.20 20:32:02 | 000,827,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012.06.20 20:32:02 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012.06.20 20:32:02 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012.06.13 00:36:20 | 000,918,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.13 00:36:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.13 00:36:20 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.13 00:36:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.13 00:36:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.13 00:36:19 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.13 00:36:18 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.13 00:36:18 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.13 00:36:17 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.13 00:36:16 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.13 00:36:16 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.06.07 19:31:37 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew [2012.06.07 19:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey [2012.06.07 19:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.06 21:55:04 | 000,000,905 | ---- | M] () -- C:\Users\MisterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NVIDIA_Inspector_MultiDisplayPowerSaver.lnk [2012.07.06 21:54:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.06 21:54:48 | 000,199,056 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2012.07.06 21:54:12 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000002-00000000-00000000-00001102-0000000B-00431102}.rfx [2012.07.06 21:54:12 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000002-00000000-00000000-00001102-0000000B-00431102}.rfx [2012.07.06 21:54:12 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000002-00000000-00000000-00001102-0000000B-00431102}.rfx [2012.07.06 21:53:31 | 000,000,020 | ---- | M] () -- C:\Users\MisterX\defogger_reenable [2012.07.06 21:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.06 20:38:24 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.06 20:38:24 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.06 20:35:43 | 001,837,638 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.06 20:35:43 | 000,776,352 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.06 20:35:43 | 000,729,948 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.06 20:35:43 | 000,179,454 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.06 20:35:43 | 000,151,650 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.05 20:56:32 | 003,021,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 00:02:36 | 000,001,050 | ---- | M] () -- C:\Users\MisterX\Desktop\ClientPatcher.exe - Verknüpfung.lnk [2012.07.03 20:38:19 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk [2012.07.03 20:38:19 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk [2012.06.26 21:50:21 | 000,365,196 | ---- | M] () -- C:\Users\MisterX\Desktop\ich zeig euch wie das geht - Kopie.jpg [2012.06.24 18:09:34 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm [2012.06.24 18:09:34 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\settings.sfm [2012.06.23 23:40:36 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.06.23 23:40:36 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.06.23 23:40:13 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.06.23 21:26:50 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.23 21:26:50 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.06.22 20:51:40 | 000,010,240 | ---- | M] () -- C:\Windows\SysNative\ACRAMDiskHandlerService64RD3.ini [2012.06.18 04:50:43 | 000,001,725 | ---- | M] () -- C:\Users\MisterX\Desktop\ProgDVB 6.lnk [2012.06.12 08:26:00 | 026,238,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.06.12 08:26:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.06.12 08:26:00 | 019,834,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.06.12 08:26:00 | 018,231,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.06.12 08:26:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.06.12 08:26:00 | 015,282,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012.06.12 08:26:00 | 014,744,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.06.12 08:26:00 | 012,349,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012.06.12 08:26:00 | 009,048,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.06.12 08:26:00 | 007,586,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.06.12 08:26:00 | 002,743,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.06.12 08:26:00 | 002,719,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012.06.12 08:26:00 | 002,572,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.06.12 08:26:00 | 002,418,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012.06.12 08:26:00 | 002,215,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.06.12 08:26:00 | 001,864,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.06.12 08:26:00 | 001,758,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012.06.12 08:26:00 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.06.12 08:26:00 | 000,968,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2012.06.12 08:26:00 | 000,827,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012.06.12 08:26:00 | 000,247,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012.06.12 08:26:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012.06.12 08:26:00 | 000,060,776 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.06.12 08:26:00 | 000,052,584 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.06.12 08:26:00 | 000,016,048 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2012.06.12 04:30:01 | 002,653,573 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin [2012.06.12 04:29:20 | 003,264,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012.06.12 04:29:19 | 006,189,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012.06.12 04:28:59 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012.06.12 04:28:59 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012.06.12 04:28:59 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012.06.07 19:35:54 | 000,001,539 | ---- | M] () -- C:\Users\MisterX\Documents\zoltan.ahk [2012.06.07 19:32:26 | 000,001,352 | ---- | M] () -- C:\Users\MisterX\Documents\AutoHotkey.ahk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.06 21:53:31 | 000,000,020 | ---- | C] () -- C:\Users\MisterX\defogger_reenable [2012.07.05 20:56:24 | 003,021,696 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.05 00:02:36 | 000,001,050 | ---- | C] () -- C:\Users\MisterX\Desktop\ClientPatcher.exe - Verknüpfung.lnk [2012.07.02 22:28:52 | 000,010,497 | ---- | C] () -- C:\Users\MisterX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wecker.exe - Verknüpfung.lnk [2012.06.25 21:38:35 | 000,365,196 | ---- | C] () -- C:\Users\MisterX\Desktop\ich zeig euch wie das geht - Kopie.jpg [2012.06.24 02:33:19 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk [2012.06.24 02:33:19 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk [2012.06.07 19:35:54 | 000,001,539 | ---- | C] () -- C:\Users\MisterX\Documents\zoltan.ahk [2012.06.07 19:32:26 | 000,001,352 | ---- | C] () -- C:\Users\MisterX\Documents\AutoHotkey.ahk [2012.04.21 00:16:20 | 000,000,908 | ---- | C] () -- C:\Users\MisterX\recStudio.ini [2012.03.26 01:05:56 | 000,006,144 | ---- | C] () -- C:\Users\MisterX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2011.09.04 02:43:54 | 000,002,211 | ---- | C] () -- C:\Windows\HCWPNP.INI [2011.09.04 01:57:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.09.04 01:57:37 | 003,164,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2011.09.04 01:57:37 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.09.04 01:57:37 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.09.04 01:57:37 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.09.04 01:57:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011.08.10 23:16:50 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2011.08.07 11:19:26 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.07.04 23:27:32 | 000,017,408 | ---- | C] () -- C:\Users\MisterX\AppData\Local\WebpageIcons.db [2011.06.26 22:10:10 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.06.26 22:10:09 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.06.26 22:10:09 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.04.19 19:45:45 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.04.11 23:32:09 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2011.04.04 21:43:08 | 001,857,530 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.01 18:48:59 | 000,000,017 | ---- | C] () -- C:\Users\MisterX\AppData\Local\resmon.resmoncfg [2011.04.01 18:48:26 | 000,012,558 | ---- | C] () -- C:\ProgramData\mxnhytee.feu [2011.04.01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011.04.01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.04.01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011.03.30 22:59:58 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.03.30 22:54:22 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.03.30 22:54:22 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.03.30 22:53:36 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL [2011.03.30 22:49:58 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2011.03.30 22:49:53 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2011.03.30 22:45:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.03.30 22:45:40 | 000,022,012 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== LOP Check ========== [2012.02.11 14:35:40 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\.minecraft [2012.04.09 17:33:04 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Advanced Combat Tracker [2012.03.19 20:27:23 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\ArchiCrypt Ultimate RAM-Disk3 [2012.03.24 18:50:26 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\DAEMON Tools Lite [2011.09.27 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\DAEMON Tools Pro [2012.01.05 23:24:09 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\gamigoGr [2012.01.05 23:16:59 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\GetRightToGo [2012.05.07 02:15:15 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\ICSharpCode [2012.01.05 23:21:33 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\launcher [2011.09.04 14:25:31 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Lionhead Studios [2012.06.23 03:50:03 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\LolClient2 [2012.01.05 23:21:33 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Martial Empires Launcher [2011.09.03 05:47:47 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Mount&Blade Warband [2012.05.10 20:35:44 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Mount&Blade With Fire and Sword [2012.02.21 00:24:08 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Notepad++ [2011.10.27 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Origin [2011.12.24 02:17:44 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\PunkBuster [2011.10.12 17:48:27 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Razer [2012.05.05 18:31:18 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\RIFT [2012.04.23 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\RotMG.Production [2012.01.03 22:13:42 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\runic games [2012.06.26 18:36:17 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\six-updater [2012.06.24 02:33:23 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\six-zsync [2011.04.10 01:19:21 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\TeamViewer [2012.07.03 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\TS3Client [2011.12.28 03:53:24 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Ubisoft [2012.01.05 22:39:04 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Unity [2012.04.27 22:32:37 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\wargaming.net [2012.03.24 22:32:42 | 000,000,000 | ---D | M] -- C:\Users\MisterX\AppData\Roaming\Wireshark [2012.06.22 21:14:48 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Geändert von Marguth (06.07.2012 um 21:36 Uhr) |
|
09.07.2012, 08:45
| #2 | ||||
| /// Helfer-Team    | Internetseiten verhalten sich seltsam. Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Deine eigenen Einstellungen, sofern Du welche vorgenommen hast?: Code:
ATTFilter FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..network.proxy.ftp: "213.246.52.37"
FF - prefs.js..network.proxy.ftp_port: 3129
FF - prefs.js..network.proxy.http: "213.246.52.37"
FF - prefs.js..network.proxy.http_port: 3129
FF - prefs.js..network.proxy.socks: "213.246.52.37"
FF - prefs.js..network.proxy.socks_port: 3129
FF - prefs.js..network.proxy.ssl: "213.246.52.37"
FF - prefs.js..network.proxy.ssl_port: 3129
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
Hast Du OTL falsch installiert: OTL muss auf dem Desktop gespechert werden! Stell deine Browser so ein, dass er OTL auf dem Desktop speichern soll! also entfernen und erneut herunterladen: -> Lade OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Nach installation in der Log-Datei soll etwa so aussehen: Zitat:
Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
4. Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
5. Lade dir von hier -> TrendMicro™ HijackThis™/Version 2.0.4 herunter Zitat:
Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußkira
__________________ |
|
09.07.2012, 11:13
| #3 |
| | Internetseiten verhalten sich seltsam. Danke für die Antwort aber übers WE konnte ich mit nem Kumpel zusammen das Problem lösen.
__________________Und zwar hat es der TCP optimizer durch seine änderung an der MTU hervorgerrufen. MTU wieder zurückgestellt auf default und alles lief wieder Prima. Das Langsame Internet war einer Wartungsarbeit verschuldet... Schade nach so vielen Jahren dachte ich, dass ich auch endlich mal einen Virus habe  |
|
10.07.2012, 14:07
| #4 | ||
| /// Helfer-Team | Internetseiten verhalten sich seltsam.Zitat:
 aber ich gebe dir einen Tipp: Zitat:
► Internet Explorer aktualisieren: - Version 9 ist aktuell! Du kannst gleich Windows Internet Explorer 9 installieren, um die vorhandene Version von Internet Explorer zu ersetzen:-> Internet Explorer 9 Software wie Betriebssysteme, Browser und E-Mail Clients werden laufend weiterentwickelt. Gleichzeitig arbeiten jedoch auch Hacker daran, ständig neue Sicherheitslücken zu finden und auszunutzen. Was heute noch keine Schlupflücke für Viren und Würmer ist, kann morgen bereits zur Gefahr werden, wenn der entsprechende Schädling programmiert wurde. Das führt dazu, dass es relativ häufig zu Meldungen über neue Sicherheitsanfälligkeiten kommt, auch wenn diese noch nicht durch Hacker entdeckt wurden. Denn selbstverständlich suchen auch Sicherheitsspezialisten nach potenziellen Angriffsmöglichkeiten. Updates der Softwareentwickler sorgen dafür, dass der User immer die aktuellste und sicherste Version des Betriebssystems und der installierten Software nutzen kann.
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
10.07.2012, 17:53
| #5 |
| | Internetseiten verhalten sich seltsam. Ich habe den Internetexplorer nicht unabsichtlich deinstalliert  |
|
| Themen zu Internetseiten verhalten sich seltsam. |
| .com, adblock, aufrufe, bho, browser, cpu-z, desktop, error, fehler, firefox, flash player, google, grand theft auto, homepage, iexplore.exe, install.exe, internet, langsam, logfile, mozilla, origin, plug-in, proxy, registry, scan, searchscopes, security, server, software, svchost.exe, teamspeak, usb, usb 3.0, visual studio, windows |
Linear-Darstellung
