| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.09.2012, 15:01
| #1 |
| |  79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Hi Leute! Habe seit gestern ein Problem mit meiner IP-Adresse. Habe wegen eines Spiels (namentlich: Torchlight 2) ein paar Ports aufgemacht, da ich keine Möglichkeit hatte eine Connection zu anderen Spielern aufzubauen. // Habe die Ports mittlerweile alle wieder geschlossen. Heute morgen, nach ungefähr 4-5 Stunden rumprobieren, habe ich mich dann entschieden selber einen kleinen Fragepost im Runic.de Forum aufzumachen... und habe dann ganz schön doof aus der Wäsche geschaut als ich bei der Forum-Accountregistration plötzlich diese Meldung bekommen habe: Your IP 79.111.192.30 has been blocked because it is blacklisted. For details please see 79.111.192.30. An entry on the blaklist may have several reasons: 1. You are a well-known spammer. 2. Last time a well-known spammer was using the dynamic IP address which you got from your ISP (Internet Service Provider). 3. Your ISP is well-known for a lot of spamming customers and is not fighting against spammers. Habe dann erstmal schnell mein cmd -> ipconfig gecheckt, dort ist wie erwartet immer noch meine feste 192.168.*.* Adresse angegeben. Bin dann auf wieistmeineip.de... und siehe da, auch dort wird meine IP als 79.111.192.30 erkannt. Ein paar Google Nachforschungen haben ergeben, dass diese Adresse irgendwo in Moskau vermeldet ist... ich wohne selber auch in Moskau... allerdings ist dies definitiv nicht meine Adresse... und ich glaube ich bin auch kein Spambot :P Habe jetzt als erstes vermutet dass ich mir irgendwo ein Root Kit oder ähnliches eingefangen hab... Habe erstmal einen schnellen ODT Scan durchlaufen lassen, wie im Forum beschrieben, hier die beiden .txt: ODT.txt: OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.09.2012 17:04:59 - Run 1 OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Baumkind\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,90 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 48,69% Memory free 15,80 Gb Paging File | 11,12 Gb Available in Paging File | 70,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 411,91 Gb Total Space | 84,75 Gb Free Space | 20,58% Space Free | Partition Type: NTFS Drive D: | 274,60 Gb Total Space | 269,14 Gb Free Space | 98,01% Space Free | Partition Type: NTFS Drive E: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BAUMKIND-MSI | User Name: Baumkind | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Baumkind\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\program files (x86)\avira\antivir desktop\avscan.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI) PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\program files (x86)\avira\antivir desktop\sqlite3.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\6dc7ae907d0a57aa19331225f5192ca7\System.Web.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll () MOD - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () MOD - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll () MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () ========== Services (SafeList) ========== SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe () SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (Micro Star SCM) -- C:\Program Files (x86)\S-Bar\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (MSI Foundation Service) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe (MSI) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) ========== Driver Services (SafeList) ========== DRV:64bit: - (MGHwCtrl) -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys File not found DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bflwfx64.sys (Bigfoot Networks, Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\e22W7x64.sys (Qualcomm Atheros, Inc.) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (gbxavs) -- C:\Windows\SysNative\drivers\gbxavs.sys (Native Instruments GmbH) DRV:64bit: - (gbxusb_svc) -- C:\Windows\SysNative\drivers\gbxusb.sys (Native Instruments GmbH) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} IE:64bit: - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} IE - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi.msn.com IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497} IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Informatik\eclipse\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 20:12:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 20:12:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.25 21:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baumkind\AppData\Roaming\mozilla\Extensions [2012.08.25 00:34:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baumkind\AppData\Roaming\mozilla\Firefox\Profiles\697bok7d.default\extensions [2012.07.27 20:44:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Baumkind\AppData\Roaming\mozilla\Firefox\Profiles\697bok7d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.09.07 20:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.09.07 20:12:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.08.31 17:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.31 17:29:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.08.31 17:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.08.31 17:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.08.31 17:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.08.31 17:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.11 01:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Informatik\eclipse\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Informatik\eclipse\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [THXCfg64] C:\windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [S-Bar] C:\Program Files (x86)\S-Bar\S-Bar.exe (Micro-Star International Co.,Ltd.) O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [VGAOCAP] C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube Download - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{134B834A-96FD-4D77-A2A8-52659D6494A1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D6DB9F-048D-4B0E-A7D4-6F9A21FB7059}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.22 16:28:59 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Malwarebytes [2012.09.22 16:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.22 16:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.22 16:28:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.09.22 16:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.22 14:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.09.22 14:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.09.22 14:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012.09.22 14:21:12 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Avira [2012.09.22 14:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.09.22 14:19:22 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys [2012.09.22 14:19:22 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys [2012.09.22 14:19:22 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys [2012.09.22 14:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.09.22 14:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.09.22 13:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.09.22 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.09.22 13:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.09.21 23:15:45 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2012.09.21 21:38:09 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\UnknownApplicationVendor [2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\Tunngle [2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Tunngle [2012.09.21 20:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle [2012.09.21 20:41:02 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\windows\SysNative\drivers\tap0901t.sys [2012.09.21 20:29:27 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\NVIDIA [2012.09.21 20:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.09.21 14:12:56 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\LOLReplay [2012.09.21 14:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay [2012.09.20 18:01:46 | 000,000,000 | -H-D | C] -- C:\Users\Baumkind\Desktop\.picasaoriginals [2012.09.20 16:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.09.20 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Informatik [2012.09.20 16:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.09.20 16:08:11 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.09.12 22:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012.09.12 22:11:15 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\uTorrent [2012.09.11 12:09:19 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Corel [2012.09.11 12:09:15 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Corel [2012.09.07 20:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.08.27 21:36:57 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\six-updater [2012.08.27 21:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Six Projects [2012.08.27 21:36:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Projects [2012.08.27 21:22:00 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\ArmA 2 OA [2012.08.27 01:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive [2012.08.27 01:39:08 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\six-zsync [2012.08.27 01:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Networks [2012.08.27 01:38:05 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\Downloaded Installations [2012.08.27 00:13:46 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\runic games [2012.08.26 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Documents\ArmA 2 [2012.08.26 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Local\ArmA 2 [2012.08.26 00:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim GREEN BUTTON [2012.08.26 00:21:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verbatim GREEN BUTTON [2012.08.25 03:42:05 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat [2012.08.25 03:42:04 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat [2012.08.25 01:47:00 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\Skype [2012.08.25 01:46:58 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.08.25 01:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.08.25 01:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.08.25 01:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.08.25 00:12:32 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\Desktop\Beatport Music [2012.08.24 22:00:24 | 000,000,000 | ---D | C] -- C:\Users\Baumkind\AppData\Roaming\com.beatport.BeatportDownloader [2012.08.24 22:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Beatport Downloader [2012.08.24 22:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.22 16:28:34 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.22 15:36:33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012.09.22 14:48:29 | 000,001,268 | ---- | M] () -- C:\Users\Baumkind\Desktop\Spybot - Search & Destroy.lnk [2012.09.22 14:39:42 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.22 14:39:42 | 000,024,656 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.22 14:28:03 | 2066,284,543 | -HS- | M] () -- C:\hiberfil.sys [2012.09.22 14:19:29 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.21 23:37:04 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\Access.dat [2012.09.21 23:36:08 | 000,000,222 | ---- | M] () -- C:\Users\Baumkind\Desktop\Torchlight II.url [2012.09.21 23:33:37 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\Torchlight.url [2012.09.21 23:15:39 | 636,908,235 | ---- | M] () -- C:\windows\MEMORY.DMP [2012.09.21 21:05:23 | 000,294,888 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2012.09.21 20:14:38 | 001,550,634 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.09.21 20:14:38 | 000,665,578 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.09.21 20:14:38 | 000,627,420 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.09.21 20:14:38 | 000,133,758 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.09.21 20:14:38 | 000,110,140 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.09.21 18:54:17 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\Borderlands 2.url [2012.09.21 14:12:55 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012.09.20 18:01:46 | 000,024,869 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-004.jpg [2012.09.20 17:58:18 | 000,020,801 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-003.jpg [2012.09.20 17:52:25 | 000,154,610 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-002.jpg [2012.09.20 17:44:52 | 000,204,658 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-001.jpg [2012.09.20 17:35:35 | 001,964,488 | ---- | M] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer.jpg [2012.09.20 17:33:34 | 000,768,769 | ---- | M] () -- C:\Users\Baumkind\Desktop\FLYERSTREETARTPARTY.pdf [2012.09.13 00:12:04 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.09.12 22:12:25 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.11 12:09:19 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2012.09.07 20:26:05 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys [2012.09.07 20:26:05 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys [2012.09.07 20:26:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.08.27 21:36:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Updater.lnk [2012.08.27 21:36:03 | 000,002,573 | ---- | M] () -- C:\Users\Public\Desktop\Six Launcher.lnk [2012.08.27 01:46:28 | 000,000,219 | ---- | M] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2.url [2012.08.27 01:46:28 | 000,000,219 | ---- | M] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2 Add-on Support.url [2012.08.26 22:40:18 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\ARMA 2 Operation Arrowhead.url [2012.08.26 00:42:57 | 000,000,221 | ---- | M] () -- C:\Users\Baumkind\Desktop\ARMA 2.url [2012.08.25 01:46:58 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.08.24 22:00:22 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\Beatport Downloader.lnk [6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [2 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.22 16:28:34 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.22 14:48:29 | 000,001,268 | ---- | C] () -- C:\Users\Baumkind\Desktop\Spybot - Search & Destroy.lnk [2012.09.22 14:19:29 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.21 23:37:04 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\Access.dat [2012.09.21 23:36:08 | 000,000,222 | ---- | C] () -- C:\Users\Baumkind\Desktop\Torchlight II.url [2012.09.21 23:33:37 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\Torchlight.url [2012.09.21 23:15:39 | 636,908,235 | ---- | C] () -- C:\windows\MEMORY.DMP [2012.09.21 18:54:17 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\Borderlands 2.url [2012.09.21 14:12:55 | 000,001,923 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk [2012.09.21 14:12:55 | 000,001,911 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012.09.20 18:01:46 | 000,024,869 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-004.jpg [2012.09.20 17:58:18 | 000,020,801 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-003.jpg [2012.09.20 17:52:25 | 000,154,610 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-002.jpg [2012.09.20 17:44:52 | 000,204,658 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer-001.jpg [2012.09.20 17:35:34 | 001,964,488 | ---- | C] () -- C:\Users\Baumkind\Desktop\SchulpartyFlyer.jpg [2012.09.20 17:33:34 | 000,768,769 | ---- | C] () -- C:\Users\Baumkind\Desktop\FLYERSTREETARTPARTY.pdf [2012.09.13 00:12:04 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.09.12 22:12:25 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.11 12:09:18 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012.08.27 21:36:03 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Updater.lnk [2012.08.27 21:36:03 | 000,002,573 | ---- | C] () -- C:\Users\Public\Desktop\Six Launcher.lnk [2012.08.27 01:46:28 | 000,000,219 | ---- | C] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2.url [2012.08.27 01:46:28 | 000,000,219 | ---- | C] () -- C:\Users\Baumkind\Desktop\Left 4 Dead 2 Add-on Support.url [2012.08.26 22:40:18 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\ARMA 2 Operation Arrowhead.url [2012.08.26 00:42:57 | 000,000,221 | ---- | C] () -- C:\Users\Baumkind\Desktop\ARMA 2.url [2012.08.25 01:46:58 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.08.24 22:00:22 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beatport Downloader.lnk [2012.08.24 22:00:22 | 000,000,991 | ---- | C] () -- C:\Users\Public\Desktop\Beatport Downloader.lnk [2012.08.15 18:16:16 | 000,000,001 | ---- | C] () -- C:\windows\SysWow64\SI.bin [2012.08.15 17:33:40 | 000,111,928 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe [2012.08.15 17:33:36 | 002,793,768 | ---- | C] () -- C:\windows\SysWow64\pbsvc.exe [2012.08.15 17:33:36 | 000,066,872 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe [2012.07.25 15:26:47 | 000,000,100 | ---- | C] () -- C:\ProgramData\CameraRecorder.ini [2012.07.25 14:41:10 | 000,120,200 | ---- | C] () -- C:\windows\SysWow64\DLLDEV32i.dll [2012.03.19 23:37:12 | 000,755,188 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin [2012.03.19 23:37:12 | 000,561,508 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin [2012.03.19 23:25:58 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll [2012.03.19 22:23:38 | 013,024,256 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll [2012.03.15 10:19:58 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012.03.15 10:01:16 | 000,001,313 | ---- | C] () -- C:\windows\THXCfg_SP_APOIM.ini [2012.03.15 10:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_HP_APOIM.ini [2012.03.15 10:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_APOIM.ini [2012.03.15 10:01:14 | 000,182,272 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL [2012.03.15 10:01:14 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL [2008.03.07 18:43:56 | 000,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.03.07 15:47:30 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml ========== ZeroAccess Check ========== [2012.08.02 04:51:43 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\LocalLow\Microsoft\Silverlight\is\44doroe4.jit\342cglad.2oz\1\l [2012.07.31 18:35:06 | 000,000,043 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-3664255064-580672183-1075423204-1001\$R4KZ0MU\n.gif [2009.07.14 08:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini ========== LOP Check ========== [2012.08.24 22:00:24 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\com.beatport.BeatportDownloader [2012.09.20 18:37:13 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\DVDVideoSoft [2012.07.27 20:44:53 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\DVDVideoSoftIEHelpers [2012.08.04 03:18:30 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Image-Line [2012.07.25 23:12:21 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\LolClient [2012.07.25 15:11:55 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\MAGIX [2012.08.27 00:13:46 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\runic games [2012.08.27 21:37:37 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\six-updater [2012.08.27 01:39:08 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\six-zsync [2012.08.31 01:17:11 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\TS3Client [2012.07.25 23:01:30 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\ts3overlay [2012.09.22 06:07:56 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Tunngle [2012.09.21 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\UnknownApplicationVendor [2012.09.12 23:18:08 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\uTorrent [2012.07.28 12:40:10 | 000,000,000 | ---D | M] -- C:\Users\Baumkind\AppData\Roaming\Vodafone ========== Purity Check ========== < End of report > Extra.txt: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.09.2012 17:04:59 - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Baumkind\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,90 Gb Total Physical Memory | 3,85 Gb Available Physical Memory | 48,69% Memory free
15,80 Gb Paging File | 11,12 Gb Available in Paging File | 70,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 411,91 Gb Total Space | 84,75 Gb Free Space | 20,58% Space Free | Partition Type: NTFS
Drive D: | 274,60 Gb Total Space | 269,14 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
Drive E: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: BAUMKIND-MSI | User Name: Baumkind | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{179DB465-E670-4320-9B9A-8481DC202F9C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{590F768A-D66F-4EC0-8D03-7CDD86C9A3DA}" = rport=4171 | protocol=17 | dir=out | name=tl2 4171 out |
"{613FC915-876E-4D70-B41D-F64D38996D1D}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 |
"{AFE7C32D-378B-44D7-B3FE-454E9C994879}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BD54F953-9936-4302-996B-AAAC2A426466}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 |
"{C32BBAC3-F5CF-4E81-BF14-130822313CF3}" = lport=4171 | protocol=17 | dir=in | name=torchlight 2 port 4171 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063EBE60-BA1B-4E98-B15B-D338226E7A05}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{118AC277-061E-44FB-90D0-3309500B3962}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{13D398FB-04D8-490F-9A9B-18104E85D275}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{1488E09F-B330-48DD-9ED3-621F14FF4627}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{15DC98DE-49CA-4B46-BD0A-4CA8E6498337}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{17A708E8-6FA6-482F-8419-5BE666FE1EB6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{1B2486FF-306B-46ED-997D-258418F95001}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1B6185FC-9DD3-4193-BB1C-1C08BEBE6D97}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1F2D4616-7F66-4CBB-87CF-0C19AFFA3520}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1FA333D6-F5C3-485C-A2A2-8313B554002D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{209A2DEA-3788-4823-9DC9-8A8B323C14E9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{222E80B1-8437-4B91-84AD-CF5F66135702}" = dir=in | app=c:\users\baumkind\appdata\local\microsoft\skydrive\skydrive.exe |
"{22579502-975E-49E9-9C2B-D6C2412936B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{23D7B453-213A-4F96-A0D6-0DF09310FA32}" = protocol=17 | dir=in | app=c:\program files\bohemia interactive\arma\arma.exe |
"{281001EF-DD4A-4D08-B5AF-04D38137481D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{2B98FA12-952C-4943-9334-4299FF2C89B7}" = protocol=17 | dir=in | app=c:\program files\arma\arma.exe |
"{2C1346E6-84D4-42F6-B448-8D4BC95936A9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2F2AE682-9EB3-4BBE-9A05-5EDDC436132D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{31641A32-5B9C-40B6-822E-A62B404C7CD2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{32A2DDB9-8031-4EA3-836B-40BCB50AA631}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{36358F9F-8ACA-48A2-AECE-49FD9EBF0BFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3829F144-C213-4749-BFE9-3DA0125085FD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3BD0CB67-27B1-4DC8-B3D4-FFC4913EB061}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe |
"{4160970A-F8A5-46E1-B94A-44DA256CA118}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4422618E-C7F5-4A4F-AE0F-8CAEB864A9E4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{49771474-D522-4A26-A288-60B9ECAA626D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4A896A0B-DFE7-4990-B96D-2961D4B9DB16}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{525F012E-D09C-42AA-8AD8-E13732E0E388}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{52FE0634-B4D3-4EDB-9D33-52A7AE13D411}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{551C22C2-6181-4299-BDB0-01927B1DB8A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{58C1264C-0527-4B14-8753-00A7AFFC84C3}" = protocol=6 | dir=in | app=c:\program files\bohemia interactive\arma\arma.exe |
"{5E1A56B0-E1CA-448C-93F3-D881FCD83564}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{619ABEEB-6DC7-488B-A221-C53E80046EFB}" = protocol=6 | dir=in | app=c:\program files\arma\arma.exe |
"{66EA690C-0AD1-4D4B-A547-99E080DE4B61}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6954ED6D-3485-45A0-ACBD-0D39777C1B43}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight\torchlight.exe |
"{6B0C31E8-0E3F-45DC-9509-FAB28931100A}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7AF385E7-92DE-4BAA-8F6E-3584C064991F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{7EA32614-30F3-4924-AD2C-A4C326860E8E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8136847C-8A4B-4E45-8F63-D322FF038926}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{826ACE21-4E4A-4E4C-8C02-07CCB95D3E92}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8D571F44-5A8B-4309-B6BF-66961CA9ECEC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{900D4771-DCDC-4503-A3C5-06ED595CD4E0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A3F541D7-BBDE-421C-8EA5-849DB7498A4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A9266342-D4BE-4EB1-8186-47643C4E88F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{ADB574CA-6421-4E1D-8C86-6DCE1BD87F15}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{C7269555-9B81-4B1E-8F07-C8CC35AA7EB9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{CA5DA79F-897E-45D3-BA0D-F1937A068908}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D6911ECD-6903-4201-B4FF-7DCC242EC844}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D863AFAB-3119-47DF-A65F-67B7D75FF50C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DA2C1C9A-39BA-4EED-8D8C-9AB48C7A61DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{DEE68E83-456D-457C-A920-0B9A1C7ABB64}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{E005194B-6D44-49AF-AD96-80EA32AD8FED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{E0108C70-1D66-4288-A197-D609FBF54E86}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F150D4F8-0B34-49CF-B08D-F668733E49EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FDA3B6A3-124C-4A0B-BDB0-C69CDDAA0456}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"TCP Query User{0E34C515-A8CC-4E1E-9C13-F39FE312AD71}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"TCP Query User{11335656-9B00-4574-9389-21FA2FD3A021}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{26286E94-8928-43EE-A4BE-79528F76EE95}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"TCP Query User{8C1FBF27-D32E-4207-AD8D-167EC1AEF0AE}C:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{8F477DD9-697B-4F6D-ACB4-2EB912983B75}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{A0AE181B-9EE3-44A0-BB75-4EB9D0DEC762}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe |
"TCP Query User{B872F0A5-C38F-4EA2-BD63-85F0AFD7AFB4}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"TCP Query User{C529EC90-3D44-49D5-B656-3C9FBA1048BD}C:\program files\informatik\eclipse\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\informatik\eclipse\bin\javaw.exe |
"TCP Query User{CF8B00E8-1BBF-4B57-8F85-D1763DBD5E2F}C:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe |
"TCP Query User{FCBFD292-0111-475B-A8D8-363D1ADF12FD}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{0C509DD3-D94F-402B-B7A6-98C2CB772C5E}C:\program files\informatik\eclipse\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\informatik\eclipse\bin\javaw.exe |
"UDP Query User{15D75866-C684-4DBA-921F-7C3ED82B4DF1}C:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\tools\bin\rsync.exe |
"UDP Query User{3F338930-7588-4F1F-85BA-0A0C3AFB5B90}C:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"UDP Query User{40835CCD-C12F-44D3-9230-2CED00CC4F5B}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{5A11C89F-4165-4D8B-AB7E-A12738B3CB02}C:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe |
"UDP Query User{5AC97C44-6A14-4DB3-B735-AA20900166CD}C:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"UDP Query User{80179754-7AC7-4293-89FD-BD762E496139}C:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{9098EB7B-9817-441B-B975-8E980EFBFF7D}C:\program files (x86)\six projects\six updater\tools\bin\rsync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six projects\six updater\tools\bin\rsync.exe |
"UDP Query User{BF7948EB-E871-4A31-B60D-C2DE355513F1}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{F380D8AC-26E2-4C48-8BAF-8753D58BBF47}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013CCA52-DA56-4133-AC2B-1988A9568C30}" = Native Instruments Audio 4 DJ Driver
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{043EEF79-513F-4666-B340-B8556AB0EADC}" = Native Instruments Studio Drummer
"{079419C3-9DFC-4571-BAFC-CD79854C684E}" = Native Instruments West Africa
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{09BB8307-BD8F-4E92-9918-A4BAFD0638B3}" = Native Instruments VC 2A
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1244CC88-97DF-4694-A720-6F073845DEE2}" = Native Instruments Kontakt Factory Library
"{14C1DD2C-D54E-464A-9588-C109E3E39EEF}" = Native Instruments Vintage Organs
"{1745A39F-7F25-4ADA-8ADA-FD84A6301696}" = Native Instruments VC 76
"{1AE269AE-561D-4889-8A13-C1254ACBD025}" = Native Instruments Abbey Road 80s Drums
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver
"{24873332-B98B-4235-ABBA-CCDEACC62BB9}" = Native Instruments Traktor Audio 6 Driver
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Controller
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{28327E39-F691-44D4-BDE5-9B5B251ADD63}" = Native Instruments Komplete 8 Ultimate
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Mobile I/O
"{3054FEFA-4748-4cf0-8C3C-8DB887DE379F}" = Native Instruments Traktor Audio 2 Driver
"{305CA7E5-C739-48e2-B247-584C0E1B717C}" = Native Instruments Traktor Audio 10 Driver
"{33355583-296A-4E06-A129-6A5739529F1A}" = Native Instruments VC 2A for Maschine
"{33A9A927-73C9-4607-B8FD-A904257E978E}" = Native Instruments Solid Dynamics for Maschine
"{35DE6B98-31C9-4A01-AB64-20A3C71BE1D0}" = Native Instruments Reflektor
"{36ccb7d4-42c7-473e-b293-72e41a8ec766}" = Native Instruments Berlin Concert Grand
"{371B17C3-9624-4583-A497-DF980313D851}" = Native Instruments Absynth 5
"{434CC4CB-0183-4CDE-BE7F-00230BE26494}" = Native Instruments The Mouth
"{470BB39A-7231-4077-AD3D-86067AD04604}" = Native Instruments Audio 8 DJ Driver
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4b98677f-ef75-4f71-8ef3-5603e3b0cbf7}" = Native Instruments Scarbee Vintage Keys
"{4BA33BE3-20CF-4972-BD67-B44CEFA52DCB}" = Windows Live MIME IFilter
"{4FEF843C-5829-4F1B-AC4A-02B1C1D9CD1D}" = Native Instruments Reflektor for Maschine
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5B841301-3649-4891-BC10-7A66820397C9}" = Native Instruments Reaktor Prism
"{5D03CB59-6F91-4097-922C-9DCA057D2A76}" = Native Instruments The Finger R2
"{5D1224E0-6777-4536-9D72-B0E151ED8C99}" = Native Instruments Battery Library Importer for Maschine
"{5FC09265-8AAD-410D-B88D-EBAA41327056}" = Native Instruments Scarbee Funk Guitarist
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{608EF1C8-5671-4C8B-A4B5-B428A2DF7715}" = Native Instruments Solid Bus Comp for Maschine
"{60BB45B2-E8E4-41C5-B69F-C6DC5D991DF5}" = Native Instruments Abbey Road 60s Drums
"{6481C64D-3B62-4D03-8AFB-7A485762F157}" = Native Instruments VC 160 for Maschine
"{64A3A4F4-B792-11D6-A78A-00B0D0170070}" = Java SE Development Kit 7 Update 7 (64-bit)
"{67e13682-a5ba-4f12-ac10-4b41eacb82da}" = Native Instruments Alicias Keys
"{6969a180-13e1-4393-8265-98d11903375c}" = Native Instruments Evolve Mutations 2
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.5
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{74BAEC6B-6FE3-455D-894D-94C488613823}" = M-Audio KeyStudio49i Driver 6.0.1 (x64)
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{817B77D5-6BFC-4CD5-BD23-88C2C53B9A4C}" = Native Instruments Solid Dynamics
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{835e9421-5f20-4491-9a75-baa7af1ea14d}" = Native Instruments Vienna Concert Grand
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{86F4B370-079C-4EF9-B727-452B85CFA415}" = Native Instruments Retro Machines Mk2
"{8812511F-8D8C-49D3-A711-C9650B2F5566}" = Native Instruments Guitar Rig Pro Library for Maschine
"{88E45461-E8D2-4BCA-BDEC-0405E6FB4817}" = Native Instruments Transient Master
"{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}" = Native Instruments Reaktor Spark R2
"{906E3E41-5259-4C3B-A5EB-3B7F63AFEDB5}" = Native Instruments VC 160
"{908177CD-FC53-4B56-8BF4-DE422F8D3C75}" = Native Instruments Traktors 12 for Maschine
"{92C4CBF6-0D9F-472B-A21A-8D4D7E003C40}" = Native Instruments Solid Bus Comp
"{93E2F252-D0F1-461A-9823-A2535D779E6E}" = Native Instruments Rammfire for Maschine
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9be187da-7d1c-4e8b-8b66-6132ca7697d8}" = Native Instruments New York Concert Grand
"{9c1b2ca5-bf9c-4b3e-b5ac-49a9133896a3}" = Native Instruments Scarbee Jay-Bass
"{9D3BAEFB-5DDD-43D4-8BB2-D9989521F003}" = Native Instruments Razor
"{a63e8179-0381-4b59-8876-0755be48eb6a}" = Native Instruments Scarbee MM-Bass
"{A8732D97-1D5F-45AE-B04C-6FE5C9A18AED}" = Native Instruments Solid EQ
"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2
"{AA2F4574-FD46-4897-8791-CD6CCD80E882}" = Native Instruments Evolve Mutations
"{b0c719eb-4c55-4b54-b37a-38b6fcd7116c}" = Native Instruments Scarbee MM-Bass Amped
"{b125d937-9582-450d-951e-7b53bd94d16d}" = Native Instruments Balinese Gamelan
"{B2552FA6-86E3-410D-84AD-265C2242D410}" = Native Instruments FM8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{C40C08A5-A7AF-43B2-BF93-7CF67719D194}" = Native Instruments Scarbee Pre-Bass
"{C983C1A3-2D12-4304-9EC6-F87CE78216E5}" = Native Instruments VC 76 for Maschine
"{C9BCE8B9-2510-48D4-B93A-EA7BEA81D6E7}" = Native Instruments Traktors 12
"{CE09E66D-167D-48A0-8196-5385A8C6469C}" = Native Instruments Solid EQ for Maschine
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D597935A-5F0E-44F8-A028-A0EF9C647D95}" = Native Instruments Rammfire
"{D69D39FC-DCC0-43F4-9524-043EE9F1C329}" = Native Instruments Abbey Road Modern Drums
"{d8650fdb-9422-4a07-9f57-585c06d9d760}" = Native Instruments Upright Piano
"{DDDE5B61-19BD-4F64-B14C-5F81DB56DF3E}" = Native Instruments George Duke Soul Treasures
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{E0BB5D87-62DC-4ABD-AC2F-A743EEA31F57}" = Native Instruments Transient Master for Maschine
"{E1B6008F-26D8-47BF-B585-6518AFE73557}" = Native Instruments Scarbee Pre-Bass Amped
"{e90698e9-2c52-4079-aa1d-b341f0f5b036}" = Native Instruments Abbey Road 70s Drums
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{f62a8337-2009-40b7-af47-0a2a1371645c}" = Native Instruments Maschine Drum Selection
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FCD398EC-9A6C-478D-82AC-96AE6FEF585D}" = Native Instruments Session Strings Pro
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1951F3A1-110D-4F5B-8346-9D0E735A54E0}" = Windows Live Writer
"{1A2516F6-15CF-45F0-A14C-865742A647C3}" = Windows Live Messenger
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{39BDC923-826E-4007-8179-50E7C570E545}" = S-Bar
"{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}" = Camera Recorder
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EAE58C0-7C36-40C3-ACED-0CABF2F46BCF}" = Windows Live Writer Resources
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{44E89CCA-BB20-4EA6-80EB-4126E886F83D}" = Windows Live Mail
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{46B14AF1-EDFA-4088-AB2B-22A8128A1C54}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{57EC0BAF-E65F-4758-A6AB-586535C870A2}" = Windows Live Essentials
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration
"{62813F65-4D78-43AF-A53C-DFAFA122E065}" = Windows Live Messenger
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D1898F-DFAE-4E0F-B57A-97F5F557EA3A}" = Windows Live Messenger
"{741ECBB6-1A0B-42F1-A7BF-76222734A63A}" = Movie Maker
"{7541F284-7167-4729-B1C1-0A3F7FC38EF3}" = Windows Live Messenger
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{803D4B7D-71CD-46B9-8F89-8BFD73920FAF}" = Windows Live UX Platform Language Pack
"{810EED37-2024-4C10-B266-5A8CCB3D1A65}" = Windows Live Writer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84BEAA30-1AF1-450B-9DD7-AD38B84004BA}" = Windows Live Messenger
"{86CAC8DE-288A-410D-A4A4-0190060E69AE}" = Raccolta foto
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95193654-3EF2-4D17-8503-9F80B56D9ED5}" = MSI VGA Overclock Tool
"{959BC6D1-38C8-441F-9466-9ECCD4E68413}" = Galería de fotos
"{97373E60-D071-418A-87F1-A969EEEEBDAC}" = Windows Live Essentials
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A048F6D6-BECE-D521-9BC9-B8806BFB118C}" = Beatport Downloader
"{A5D8B1C2-4B2E-42F1-ADB4-D0308A4F5C6F}" = Windows Live Writer
"{A61E1C37-814A-42D8-8CF6-E49D729A4A9B}" = Windows Live Writer
"{A929A7EA-4DFB-48F9-AAF6-C880DF64FB73}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AFFBC271-AA8F-4908-BEAE-491B96AC57C4}" = Windows Live Mail
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6829511-95BB-46FC-9030-957D54B8EFE2}" = Windows Live UX Platform Language Pack
"{B89EE842-D398-4EAC-A3DF-47280B285DD9}" = Windows Live Mail
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{CBB00A31-1E0F-458C-BA15-0BAFF0567772}" = Windows Live Mail
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CDA04BEC-2F20-4E3C-A0E0-D75C8DE255D8}" = Windows Live Writer Resources
"{D0873221-A48B-4A2F-9D34-5F0C21725CF5}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D555C389-F793-443A-B012-A3D70590CF3D}" = Windows Live Writer Resources
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D969C468-FCB8-4BFF-A480-33C0A6F7EA64}" = Windows Live Mail
"{DA22811F-4A83-4FE3-959F-1F26B64BA54B}" = Windows Live Writer
"{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE
"{DC2CB432-D3B9-4F81-8ACB-7775FD5202E5}" = Photo Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1DA4302-1C06-4533-AF6D-9D68B01FCB34}" = Movie Maker
"{E60D9CA8-14A6-4F56-BA12-D9D8C8004E09}" = Windows Live Messenger
"{EA53D435-3740-4513-A519-484D2BF659FA}" = Windows Live Writer Resources
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DA672E-15DB-4413-BE2D-887DD1513607}" = Windows Live Writer
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect Lite Huawei
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE58D81E-30CE-4C73-9A52-28E886B62B91}" = Windows Live Writer Resources
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"{FECB76C1-1C1D-4A84-8D47-5754C74B5A5E}" = Junk Mail filter update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArmA" = ArmA Uninstall
"ASIO4ALL" = ASIO4ALL
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"com.beatport.BeatportDownloader" = Beatport Downloader
"FL Studio 10" = FL Studio 10
"Free Studio_is1" = Free Studio version 5.6.3.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"LOLReplay" = LOLReplay
"MAGIX Foto Manager 9 D" = MAGIX Foto Manager 9
"MAGIX Online Druck Service D" = MAGIX Online Druck Service
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"M-Audio Key Rig_is1" = M-Audio Key Rig 1.0.1
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Abbey Road 60s Drums" = Native Instruments Abbey Road 60s Drums
"Native Instruments Abbey Road 70s Drums" = Native Instruments Abbey Road 70s Drums
"Native Instruments Abbey Road 80s Drums" = Native Instruments Abbey Road 80s Drums
"Native Instruments Abbey Road Modern Drums" = Native Instruments Abbey Road Modern Drums
"Native Instruments Absynth 5" = Native Instruments Absynth 5
"Native Instruments Alicias Keys" = Native Instruments Alicias Keys
"Native Instruments Audio 2 DJ Driver" = Native Instruments Audio 2 DJ Driver
"Native Instruments Audio 4 DJ Driver" = Native Instruments Audio 4 DJ Driver
"Native Instruments Audio 8 DJ Driver" = Native Instruments Audio 8 DJ Driver
"Native Instruments Balinese Gamelan" = Native Instruments Balinese Gamelan
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Battery Library Importer for Maschine" = Native Instruments Battery Library Importer for Maschine
"Native Instruments Berlin Concert Grand" = Native Instruments Berlin Concert Grand
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Evolve Mutations" = Native Instruments Evolve Mutations
"Native Instruments Evolve Mutations 2" = Native Instruments Evolve Mutations 2
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments George Duke Soul Treasures" = Native Instruments George Duke Soul Treasures
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Mobile I/O" = Native Instruments Guitar Rig Mobile I/O
"Native Instruments Guitar Rig Pro Library for Maschine" = Native Instruments Guitar Rig Pro Library for Maschine
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments Komplete 8 Ultimate" = Native Instruments Komplete 8 Ultimate
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Factory Library" = Native Instruments Kontakt Factory Library
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Controller" = Native Instruments Maschine Controller
"Native Instruments Maschine Drum Selection" = Native Instruments Maschine Drum Selection
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments New York Concert Grand" = Native Instruments New York Concert Grand
"Native Instruments Rammfire" = Native Instruments Rammfire
"Native Instruments Rammfire for Maschine" = Native Instruments Rammfire for Maschine
"Native Instruments Razor" = Native Instruments Razor
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Prism" = Native Instruments Reaktor Prism
"Native Instruments Reaktor Spark R2" = Native Instruments Reaktor Spark R2
"Native Instruments Reflektor" = Native Instruments Reflektor
"Native Instruments Reflektor for Maschine" = Native Instruments Reflektor for Maschine
"Native Instruments Retro Machines Mk2" = Native Instruments Retro Machines Mk2
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Scarbee Funk Guitarist" = Native Instruments Scarbee Funk Guitarist
"Native Instruments Scarbee Jay-Bass" = Native Instruments Scarbee Jay-Bass
"Native Instruments Scarbee MM-Bass" = Native Instruments Scarbee MM-Bass
"Native Instruments Scarbee MM-Bass Amped" = Native Instruments Scarbee MM-Bass Amped
"Native Instruments Scarbee Pre-Bass" = Native Instruments Scarbee Pre-Bass
"Native Instruments Scarbee Pre-Bass Amped" = Native Instruments Scarbee Pre-Bass Amped
"Native Instruments Scarbee Vintage Keys" = Native Instruments Scarbee Vintage Keys
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session Strings Pro" = Native Instruments Session Strings Pro
"Native Instruments Solid Bus Comp" = Native Instruments Solid Bus Comp
"Native Instruments Solid Bus Comp for Maschine" = Native Instruments Solid Bus Comp for Maschine
"Native Instruments Solid Dynamics" = Native Instruments Solid Dynamics
"Native Instruments Solid Dynamics for Maschine" = Native Instruments Solid Dynamics for Maschine
"Native Instruments Solid EQ" = Native Instruments Solid EQ
"Native Instruments Solid EQ for Maschine" = Native Instruments Solid EQ for Maschine
"Native Instruments Studio Drummer" = Native Instruments Studio Drummer
"Native Instruments The Finger R2" = Native Instruments The Finger R2
"Native Instruments The Mouth" = Native Instruments The Mouth
"Native Instruments Traktor 2" = Native Instruments Traktor 2
"Native Instruments Traktor Audio 10 Driver" = Native Instruments Traktor Audio 10 Driver
"Native Instruments Traktor Audio 2 Driver" = Native Instruments Traktor Audio 2 Driver
"Native Instruments Traktor Audio 6 Driver" = Native Instruments Traktor Audio 6 Driver
"Native Instruments Traktors 12" = Native Instruments Traktors 12
"Native Instruments Traktors 12 for Maschine" = Native Instruments Traktors 12 for Maschine
"Native Instruments Transient Master" = Native Instruments Transient Master
"Native Instruments Transient Master for Maschine" = Native Instruments Transient Master for Maschine
"Native Instruments Upright Piano" = Native Instruments Upright Piano
"Native Instruments VC 160" = Native Instruments VC 160
"Native Instruments VC 160 for Maschine" = Native Instruments VC 160 for Maschine
"Native Instruments VC 2A" = Native Instruments VC 2A
"Native Instruments VC 2A for Maschine" = Native Instruments VC 2A for Maschine
"Native Instruments VC 76" = Native Instruments VC 76
"Native Instruments VC 76 for Maschine" = Native Instruments VC 76 for Maschine
"Native Instruments Vienna Concert Grand" = Native Instruments Vienna Concert Grand
"Native Instruments Vintage Organs" = Native Instruments Vintage Organs
"Native Instruments West Africa" = Native Instruments West Africa
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Steam App 200710" = Torchlight II
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 39160" = Dungeon Siege III
"Steam App 41500" = Torchlight
"Steam App 43110" = Metro 2033
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"uTorrent" = µTorrent
"Verbatim GREEN BUTTON_is1" = Verbatim GREEN BUTTON 1.46
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.09.2012 11:23:59 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 20046
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21060
Error - 09.09.2012 11:24:00 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21060
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 22214
Error - 09.09.2012 11:24:01 | Computer Name = Baumkind-MSI | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 22214
Error - 09.09.2012 14:10:17 | Computer Name = Baumkind-MSI | Source = WinMgmt | ID = 10
Description =
Error - 10.09.2012 05:38:47 | Computer Name = Baumkind-MSI | Source = WinMgmt | ID = 10
Description =
Error - 10.09.2012 12:24:13 | Computer Name = Baumkind-MSI | Source = Application Hang | ID = 1002
Description = Programm FL.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 944 Startzeit:
01cd8f7026dcb45a Endzeit: 9 Anwendungspfad: C:\Program Files (x86)\Image-Line\FL Studio
10\FL.exe Berichts-ID: f352259f-fb63-11e1-b606-8c89a5024998
[ Media Center Events ]
Error - 17.08.2012 08:17:10 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:17:10 - Fehler beim Herstellen der Internetverbindung. 14:17:10
- Serververbindung konnte nicht hergestellt werden..
Error - 17.08.2012 08:17:15 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:17:15 - Fehler beim Herstellen der Internetverbindung. 14:17:15
- Serververbindung konnte nicht hergestellt werden..
Error - 17.08.2012 13:28:22 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 19:28:21 - Fehler beim Herstellen der Internetverbindung. 19:28:21
- Serververbindung konnte nicht hergestellt werden..
Error - 17.08.2012 13:28:34 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 19:28:27 - Fehler beim Herstellen der Internetverbindung. 19:28:27
- Serververbindung konnte nicht hergestellt werden..
Error - 19.08.2012 04:21:51 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 10:21:51 - Fehler beim Herstellen der Internetverbindung. 10:21:51
- Serververbindung konnte nicht hergestellt werden..
Error - 19.08.2012 04:22:03 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 10:21:56 - Fehler beim Herstellen der Internetverbindung. 10:21:56
- Serververbindung konnte nicht hergestellt werden..
Error - 19.08.2012 09:14:45 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 15:14:45 - Fehler beim Herstellen der Internetverbindung. 15:14:45
- Serververbindung konnte nicht hergestellt werden..
Error - 19.08.2012 09:14:56 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 15:14:50 - Fehler beim Herstellen der Internetverbindung. 15:14:50
- Serververbindung konnte nicht hergestellt werden..
Error - 24.08.2012 08:25:50 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:25:50 - Fehler beim Herstellen der Internetverbindung. 14:25:50
- Serververbindung konnte nicht hergestellt werden..
Error - 24.08.2012 08:26:03 | Computer Name = Baumkind-MSI | Source = MCUpdate | ID = 0
Description = 14:25:55 - Fehler beim Herstellen der Internetverbindung. 14:25:55
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 17.09.2012 08:55:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 17.09.2012 08:55:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 18.09.2012 05:17:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 18.09.2012 05:17:56 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 19.09.2012 02:40:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 19.09.2012 02:40:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 20.09.2012 06:14:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 20.09.2012 06:14:54 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 20.09.2012 07:51:49 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 20.09.2012 07:51:49 | Computer Name = Baumkind-MSI | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
< End of report >
Hier die Ergebnisse eines kompletten Antivir Scans: Warnungen: 17 C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RI1NLBF.incomplete [WARNUNG] Unerwartetes Dateiende erreicht C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RJ94NUF.incomplete [WARNUNG] Die Datei konnte nicht gelesen werden! C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RMSE0NH.incomplete [WARNUNG] Die Datei konnte nicht gelesen werden! C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RR40W8E.incomplete [WARNUNG] Die Datei konnte nicht gelesen werden! C:\Program Files (x86)\WinRAR 3.61 Multi\rarnew.dat [WARNUNG] Das Archiv ist unbekannt oder defekt C:\ProgramData\Microsoft\WLSetup\wlt2279.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wlt818A.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wlt8811.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wltB5DF.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wltB977.tmp [WARNUNG] Der Archivheader ist defekt C:\Users\Baumkind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BN2IZY4M\Firefox_Setup_14.0.1[1].exe [WARNUNG] Die Datei konnte nicht gelesen werden! C:\Users\Baumkind\Downloads\avira_free_antivirus_de.exe [WARNUNG] Die Datei ist kennwortgeschützt C:\Users\Baumkind\Downloads\avira_free_antivirus_de12001199.exe [WARNUNG] Die Datei ist kennwortgeschützt Funde: 0 Fehler: 4 Reaktor 5 5.7.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! Massive 1.3.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! Absynth 5 5.1.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! Object [WARNUNG] Die Datei konnte nicht gelesen werden! Hier der gesamte Scan: Avira Free Antivirus Erstellungsdatum der Reportdatei: Samstag, 22. September 2012 14:31 Es wird nach 4250776 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira AntiVir Personal - Free Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows 7 Home Premium Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : Baumkind Computername : BAUMKIND-MSI Versionsinformationen: BUILD.DAT : 12.0.0.1199 40869 Bytes 07.09.2012 22:14:00 AVSCAN.EXE : 12.3.0.33 468472 Bytes 07.09.2012 16:25:55 AVSCAN.DLL : 12.3.0.15 66256 Bytes 07.09.2012 16:26:03 LUKE.DLL : 12.3.0.15 68304 Bytes 07.09.2012 16:25:59 AVSCPLR.DLL : 12.3.0.27 97064 Bytes 07.09.2012 16:25:55 AVREG.DLL : 12.3.0.33 232232 Bytes 07.09.2012 16:25:55 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 16:18:34 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 21:22:12 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 21:31:36 VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 07:58:50 VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 20:37:35 VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:26:03 VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 16:37:27 VBASE007.VDF : 7.11.41.251 2048 Bytes 06.09.2012 16:37:27 VBASE008.VDF : 7.11.41.252 2048 Bytes 06.09.2012 16:37:27 VBASE009.VDF : 7.11.41.253 2048 Bytes 06.09.2012 16:37:27 VBASE010.VDF : 7.11.41.254 2048 Bytes 06.09.2012 16:37:27 VBASE011.VDF : 7.11.41.255 2048 Bytes 06.09.2012 16:37:27 VBASE012.VDF : 7.11.42.0 2048 Bytes 06.09.2012 16:37:27 VBASE013.VDF : 7.11.42.1 2048 Bytes 06.09.2012 16:37:27 VBASE014.VDF : 7.11.42.65 203264 Bytes 09.09.2012 10:22:24 VBASE015.VDF : 7.11.42.125 156672 Bytes 11.09.2012 10:22:24 VBASE016.VDF : 7.11.42.171 187904 Bytes 12.09.2012 10:22:25 VBASE017.VDF : 7.11.42.235 141312 Bytes 13.09.2012 10:22:26 VBASE018.VDF : 7.11.43.35 133632 Bytes 15.09.2012 10:22:26 VBASE019.VDF : 7.11.43.89 129024 Bytes 18.09.2012 10:22:26 VBASE020.VDF : 7.11.43.141 130560 Bytes 19.09.2012 10:22:27 VBASE021.VDF : 7.11.43.187 121856 Bytes 21.09.2012 10:22:27 VBASE022.VDF : 7.11.43.188 2048 Bytes 21.09.2012 10:22:27 VBASE023.VDF : 7.11.43.189 2048 Bytes 21.09.2012 10:22:27 VBASE024.VDF : 7.11.43.190 2048 Bytes 21.09.2012 10:22:27 VBASE025.VDF : 7.11.43.191 2048 Bytes 21.09.2012 10:22:28 VBASE026.VDF : 7.11.43.192 2048 Bytes 21.09.2012 10:22:28 VBASE027.VDF : 7.11.43.193 2048 Bytes 21.09.2012 10:22:28 VBASE028.VDF : 7.11.43.194 2048 Bytes 21.09.2012 10:22:28 VBASE029.VDF : 7.11.43.195 2048 Bytes 21.09.2012 10:22:28 VBASE030.VDF : 7.11.43.196 2048 Bytes 21.09.2012 10:22:28 VBASE031.VDF : 7.11.43.222 80896 Bytes 22.09.2012 10:22:28 Engineversion : 8.2.10.164 AEVDF.DLL : 8.1.2.10 102772 Bytes 07.09.2012 16:25:51 AESCRIPT.DLL : 8.1.4.54 459131 Bytes 22.09.2012 10:22:37 AESCN.DLL : 8.1.8.2 131444 Bytes 16.02.2012 14:11:36 AESBX.DLL : 8.2.5.12 606578 Bytes 07.09.2012 16:25:51 AERDL.DLL : 8.1.9.15 639348 Bytes 20.01.2012 21:21:32 AEPACK.DLL : 8.3.0.36 811382 Bytes 22.09.2012 10:22:36 AEOFFICE.DLL : 8.1.2.42 201083 Bytes 07.09.2012 16:25:50 AEHEUR.DLL : 8.1.4.100 5280120 Bytes 22.09.2012 10:22:35 AEHELP.DLL : 8.1.23.2 258422 Bytes 07.09.2012 16:25:49 AEGEN.DLL : 8.1.5.36 434549 Bytes 07.09.2012 16:37:40 AEEXP.DLL : 8.1.0.86 90484 Bytes 07.09.2012 16:37:40 AEEMU.DLL : 8.1.3.2 393587 Bytes 07.09.2012 16:25:49 AECORE.DLL : 8.1.27.4 201078 Bytes 07.09.2012 16:37:40 AEBB.DLL : 8.1.1.0 53618 Bytes 20.01.2012 21:21:28 AVWINLL.DLL : 12.3.0.15 27344 Bytes 07.09.2012 16:25:56 AVPREF.DLL : 12.3.0.15 51920 Bytes 07.09.2012 16:25:55 AVREP.DLL : 12.3.0.15 179208 Bytes 07.09.2012 16:25:55 AVARKT.DLL : 12.3.0.15 211408 Bytes 07.09.2012 16:25:54 AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 07.09.2012 16:25:54 SQLITE3.DLL : 3.7.0.1 398288 Bytes 07.09.2012 16:26:01 AVSMTP.DLL : 12.3.0.32 63480 Bytes 07.09.2012 16:25:55 NETNT.DLL : 12.3.0.15 17104 Bytes 07.09.2012 16:25:59 RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 07.09.2012 16:26:04 RCTEXT.DLL : 12.3.0.31 100088 Bytes 07.09.2012 16:26:04 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Datei Suchmodus.......................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Samstag, 22. September 2012 14:31 Der Suchlauf über die Masterbootsektoren wird begonnen: Masterbootsektor HD0 [INFO] Es wurde kein Virus gefunden! Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'C:\' [INFO] Es wurde kein Virus gefunden! Bootsektor 'D:\' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'TeaTimer.exe' - '46' Modul(e) wurden durchsucht Durchsuche Prozess 'SpybotSD.exe' - '84' Modul(e) wurden durchsucht Durchsuche Prozess 'iviRegMgr.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'mscorsvw.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '110' Modul(e) wurden durchsucht Durchsuche Prozess 'BTPlayerCtrl.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'mediasrv.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'obexsrv.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'VMCService.exe' - '79' Modul(e) wurden durchsucht Durchsuche Prozess 'PsiService_2.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'PnkBstrA.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '82' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'ChargeService.exe' - '24' Modul(e) wurden durchsucht Durchsuche Prozess 'iTunesHelper.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'MobileConnect.exe' - '126' Modul(e) wurden durchsucht Durchsuche Prozess 'YCMMirage.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'THXAudio.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'VGAOCAP.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'KLM.exe' - '92' Modul(e) wurden durchsucht Durchsuche Prozess 'Super-Charger.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'iusb3mon.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'Skype.exe' - '160' Modul(e) wurden durchsucht Durchsuche Prozess 'MSIService.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'FABS.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'devmonsrv.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'AppleMobileDeviceService.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '41' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '3491' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <OS_Install> C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RI1NLBF.incomplete [WARNUNG] Unerwartetes Dateiende erreicht C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RJ94NUF.incomplete [0] Archivtyp: ZIP --> Reaktor 5 5.7.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! [WARNUNG] Die Datei konnte nicht gelesen werden! C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RMSE0NH.incomplete [0] Archivtyp: ZIP --> Massive 1.3.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! [WARNUNG] Die Datei konnte nicht gelesen werden! C:\$Recycle.Bin\S-1-5-21-3664255064-580672183-1075423204-1001\$RR40W8E.incomplete [0] Archivtyp: ZIP --> Absynth 5 5.1.1 Setup PC.exe [WARNUNG] Die Datei konnte nicht gelesen werden! [WARNUNG] Die Datei konnte nicht gelesen werden! C:\Program Files (x86)\WinRAR 3.61 Multi\rarnew.dat [WARNUNG] Das Archiv ist unbekannt oder defekt C:\ProgramData\Microsoft\WLSetup\wlt2279.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wlt818A.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wlt8811.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wltB5DF.tmp [WARNUNG] Der Archivheader ist defekt C:\ProgramData\Microsoft\WLSetup\wltB977.tmp [WARNUNG] Der Archivheader ist defekt C:\Users\Baumkind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BN2IZY4M\Firefox_Setup_14.0.1[1].exe --> Object [WARNUNG] Die Datei konnte nicht gelesen werden! [WARNUNG] Die Datei konnte nicht gelesen werden! C:\Users\Baumkind\Downloads\avira_free_antivirus_de.exe [WARNUNG] Die Datei ist kennwortgeschützt C:\Users\Baumkind\Downloads\avira_free_antivirus_de12001199.exe [WARNUNG] Die Datei ist kennwortgeschützt Beginne mit der Suche in 'D:\' <Data> Ende des Suchlaufs: Samstag, 22. September 2012 17:47 Benötigte Zeit: 3:16:28 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 38227 Verzeichnisse wurden überprüft 1341271 Dateien wurden geprüft 0 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 1341271 Dateien ohne Befall 7452 Archive wurden durchsucht 17 Warnungen 0 Hinweise 802220 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden Weiterer Scan im zweiten Post. |
|
22.09.2012, 15:04
| #2 |
| | 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Ah, hier noch meine dxdiag falls sie hilft:
__________________------------------ System Information ------------------ Time of this report: 9/22/2012, 16:36:06 Machine name: BAUMKIND-MSI Operating System: Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120503-2030) Language: German (Regional Setting: German) System Manufacturer: Micro-Star International Co., Ltd. System Model: GT70 0NC/GT70 0NC BIOS: MSI GT70 0NC E1762IMS Ver:1.0C MSI-Notebook Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz (8 CPUs), ~2.3GHz Memory: 8192MB RAM Available OS Memory: 8088MB RAM Page File: 4460MB used, 11714MB available Windows Dir: C:\windows DirectX Version: DirectX 11 DX Setup Parameters: Not found User DPI Setting: Using System DPI System DPI Setting: 120 DPI (125 percent) DWM DPI Scaling: UnKnown DxDiag Version: 6.01.7601.17514 32bit Unicode ------------ DxDiag Notes ------------ Display Tab 1: No problems found. Sound Tab 1: No problems found. Sound Tab 2: No problems found. Sound Tab 3: No problems found. Input Tab: No problems found. -------------------- DirectX Debug Levels -------------------- Direct3D: 0/4 (retail) DirectDraw: 0/4 (retail) DirectInput: 0/5 (retail) DirectMusic: 0/5 (retail) DirectPlay: 0/9 (retail) DirectSound: 0/5 (retail) DirectShow: 0/6 (retail) --------------- Display Devices --------------- Card name: Intel(R) HD Graphics 4000 Manufacturer: Intel Corporation Chip type: Intel(R) HD Graphics Family DAC type: Internal Device Key: Enum\PCI\VEN_8086&DEV_0166&SUBSYS_10CB1462&REV_09 Display Memory: 1696 MB Dedicated Memory: 64 MB Shared Memory: 1632 MB Current Mode: 1920 x 1080 (32 bit) (59Hz) Monitor Name: PnP-Monitor (Standard) Monitor Model: PL2409HD Monitor Id: IVM560C Native Mode: 1920 x 1080(p) (60.000Hz) Output Type: HDMI Monitor Name: Generic PnP Monitor Monitor Model: unknown Monitor Id: CMO1720 Native Mode: 1920 x 1080(p) (60.020Hz) Output Type: Internal Driver Name: igdumd64.dll,igd10umd64.dll,igd10umd64.dll,igdumd32,igd10umd32,igd10umd32 Driver File Version: 8.15.0010.2696 (English) Driver Version: 8.15.10.2696 DDI Version: 11 Driver Model: WDDM 1.1 Driver Attributes: Final Retail Driver Date/Size: 3/19/2012 23:31:56, 8087040 bytes WHQL Logo'd: Yes WHQL Date Stamp: Device Identifier: {D7B78E66-4226-11CF-5A7D-C130A9C2C535} Vendor ID: 0x8086 Device ID: 0x0166 SubSys ID: 0x10CB1462 Revision ID: 0x0009 Driver Strong Name: oem57.inf:IntelGfx.NTamd64.6.0:iIVBM0:8.15.10.2696  ci\ven_8086&dev_0166Rank Of Driver: 00E62001 Video Accel: ModeMPEG2_A ModeMPEG2_C ModeWMV9_C ModeVC1_C Deinterlace Caps: {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend {BF752EF6-8CC4-457A-BE1B-08BD1CAEEE9F}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_EdgeFiltering {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend DeinterlaceTech_BOBVerticalStretch {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY VideoProcess_AlphaBlend D3D9 Overlay: Supported DXVA-HD: Supported DDraw Status: Enabled D3D Status: Enabled AGP Status: Enabled ------------- Sound Devices ------------- Description: Lautsprecher (DN-MC6000) Default Sound Playback: Yes Default Voice Playback: Yes Hardware ID: USB\VID_154E&PID_5013&REV_0504&MI_00 Manufacturer ID: 65535 Product ID: 65535 Type: WDM Driver Name: USBAUDIO.sys Driver Version: 6.01.7601.17514 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 11/21/2010 07:23:47, 109696 bytes Other Files: Driver Provider: Microsoft HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No Description: PL2409HD (Intel(R) Display Audio) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_80860101&REV_1000 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: IntcDAud.sys Driver Version: 6.14.0000.3090 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 12/5/2011 23:23:08, 331264 bytes Other Files: Driver Provider: Intel(R) Corporation HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No Description: Lautsprecher (Realtek High Definition Audio) Default Sound Playback: No Default Voice Playback: No Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_146210BE&REV_1003 Manufacturer ID: 1 Product ID: 100 Type: WDM Driver Name: RTKVHD64.sys Driver Version: 6.00.0001.6549 (English) Driver Attributes: Final Retail WHQL Logo'd: Yes Date and Size: 1/10/2012 15:46:30, 4731112 bytes Other Files: Driver Provider: Realtek Semiconductor Corp. HW Accel Level: Basic Cap Flags: 0xF1F Min/Max Sample Rate: 100, 200000 Static/Strm HW Mix Bufs: 1, 0 Static/Strm HW 3D Bufs: 0, 0 HW Memory: 0 Voice Management: No EAX(tm) 2.0 Listen/Src: No, No I3DL2(tm) Listen/Src: No, No Sensaura(tm) ZoomFX(tm): No --------------------- Sound Capture Devices --------------------- Description: Mikrofon (DN-MC6000) Default Sound Capture: Yes Default Voice Capture: Yes Driver Name: USBAUDIO.sys Driver Version: 6.01.7601.17514 (English) Driver Attributes: Final Retail Date and Size: 11/21/2010 07:23:47, 109696 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF Description: Mikrofon (Realtek High Definition Audio) Default Sound Capture: No Default Voice Capture: No Driver Name: RTKVHD64.sys Driver Version: 6.00.0001.6549 (English) Driver Attributes: Final Retail Date and Size: 1/10/2012 15:46:30, 4731112 bytes Cap Flags: 0x1 Format Flags: 0xFFFFF ------------------- DirectInput Devices ------------------- Device Name: Maus Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: Tastatur Attached: 1 Controller ID: n/a Vendor/Product ID: n/a FF Driver: n/a Device Name: G510 Gaming Keyboard Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x046D, 0xC22D FF Driver: n/a Device Name: G510 Gaming Keyboard Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x046D, 0xC22D FF Driver: n/a Device Name: MSI EPF USB Attached: 1 Controller ID: 0x0 Vendor/Product ID: 0x1770, 0xFF00 FF Driver: n/a Poll w/ Interrupt: No ----------- USB Devices ----------- + USB-Root-Hub | Vendor/Product ID: 0x8086, 0x1E26 | Matching Device ID: usb\root_hub20 | Service: usbhub | +-+ Generic USB Hub | | Vendor/Product ID: 0x8087, 0x0024 | | Location: Port_#0001.Hub_#0002 | | Matching Device ID: usb\class_09 | | Service: usbhub ---------------- Gameport Devices ---------------- ------------ PS/2 Devices ------------ + Standardtastatur (PS/2) | Matching Device ID: *pnp0303 | Service: i8042prt | + HID-Tastatur | Vendor/Product ID: 0x046D, 0xC22D | Matching Device ID: hid_device_system_keyboard | Service: kbdhid | + Terminalserver-Tastaturtreiber | Matching Device ID: root\rdp_kbd | Upper Filters: kbdclass | Service: TermDD | + Synaptics PS/2 Port Pointing Device | Matching Device ID: *pnp0f13 | Upper Filters: SynTP | Service: i8042prt | + HID-konforme Maus | Vendor/Product ID: 0x046D, 0xC051 | Matching Device ID: hid_device_system_mouse | Service: mouhid | + Terminalserver-Maustreiber | Matching Device ID: root\rdp_mou | Upper Filters: mouclass | Service: TermDD ------------------------ Disk & DVD/CD-ROM Drives ------------------------ Drive: C: Free Space: 86.8 GB Total Space: 421.8 GB File System: NTFS Model: Hitachi HTS727575A9E364 Drive: D: Free Space: 275.6 GB Total Space: 281.2 GB File System: NTFS Model: Hitachi HTS727575A9E364 Drive: E: Model: TSSTcorp DVDWBD TS-LB23D Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7601.17514 (German), , 0 bytes -------------- System Devices -------------- Name: Intel(R) 7 Series/C216 Chipset Family SMBus Host Controller - 1E22 Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_10BE1462&REV_04\3&11583659&1&FB Driver: n/a Name: 3rd Gen Core processor DRAM Controller - 0154 Device ID: PCI\VEN_8086&DEV_0154&SUBSYS_10BE1462&REV_09\3&11583659&1&00 Driver: n/a Name: High Definition Audio-Controller Device ID: PCI\VEN_8086&DEV_1E20&SUBSYS_10BE1462&REV_04\3&11583659&1&D8 Driver: n/a Name: Xeon(R) processor E3-1200 v2/3rd Gen Core processor PCI Express Root Port - 0151 Device ID: PCI\VEN_8086&DEV_0151&SUBSYS_10BE1462&REV_09\3&11583659&1&08 Driver: n/a Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 5 - 1E18 Device ID: PCI\VEN_8086&DEV_1E18&SUBSYS_10BE1462&REV_C4\3&11583659&1&E4 Driver: n/a Name: Killer e2200 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Device ID: PCI\VEN_1969&DEV_E091&SUBSYS_10BE1462&REV_13\4&1B833DA3&0&00E0 Driver: n/a Name: Intel(R) HM77 Express Chipset LPC Controller - 1E57 Device ID: PCI\VEN_8086&DEV_1E57&SUBSYS_10BE1462&REV_04\3&11583659&1&F8 Driver: n/a Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 3 - 1E14 Device ID: PCI\VEN_8086&DEV_1E14&SUBSYS_10BE1462&REV_C4\3&11583659&1&E2 Driver: n/a Name: SDA-Standard konformer SD-Hostcontroller Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_10BE1462&REV_01\4&2A555E0E&0&01E4 Driver: n/a Name: Intel(R) Management Engine Interface Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_10BE1462&REV_04\3&11583659&1&B0 Driver: n/a Name: Intel(R) 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10 Device ID: PCI\VEN_8086&DEV_1E10&SUBSYS_10BE1462&REV_C4\3&11583659&1&E0 Driver: n/a Name: Realtek PCIE CardReader Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_10BE1462&REV_01\4&2A555E0E&0&00E4 Driver: n/a Name: Intel(R) USB 3.0 eXtensible-Hostcontroller Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_10BE1462&REV_04\3&11583659&1&A0 Driver: n/a Name: Intel(R) 7 Series Chipset Family SATA AHCI Controller Device ID: PCI\VEN_8086&DEV_1E03&SUBSYS_10BE1462&REV_04\3&11583659&1&FA Driver: n/a Name: NVIDIA GeForce GTX 670M Device ID: PCI\VEN_10DE&DEV_1213&SUBSYS_10CB1462&REV_A1\4&5435C8C&0&0008 Driver: n/a Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D Device ID: PCI\VEN_8086&DEV_1E2D&SUBSYS_10BE1462&REV_04\3&11583659&1&D0 Driver: n/a Name: Intel(R) Centrino(R) Wireless-N 2230 Device ID: PCI\VEN_8086&DEV_0887&SUBSYS_40628086&REV_C4\4&3AB831D&0&00E2 Driver: n/a Name: Intel(R) 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26 Device ID: PCI\VEN_8086&DEV_1E26&SUBSYS_10BE1462&REV_04\3&11583659&1&E8 Driver: n/a Name: Intel(R) HD Graphics 4000 Device ID: PCI\VEN_8086&DEV_0166&SUBSYS_10CB1462&REV_09\3&11583659&1&10 Driver: n/a ------------------ DirectShow Filters ------------------ DirectShow Filters: WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7601.17514 WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7601.17514 WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7601.17514 MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385 Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385 WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7601.17514 WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7601.17514 Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385 Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385 HH Video Step Renderer,0x00200000,1,0,hhvrend2.ax,1.00.0000.0000 WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728 Record Queue,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728 WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728 WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,16.04.3503.0728 WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728 WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,16.04.3503.0728 WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,16.04.3503.0728 DV Muxer,0x00400000,0,0,qdv.dll,6.06.7601.17514 Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7601.17713 WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7601.17514 Video Memory Render Filter,0x00200000,1,0,VideoMemoryRenderFilter.ax, Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7601.17514 AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7601.17713 VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7601.17713 SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7601.17528 Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000 AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528 StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7601.17528 MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713 MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7601.17713 SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514 MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7601.17528 Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7601.17514 SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7601.17528 Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514 Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713 MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7601.17713 DV Splitter,0x00600000,1,2,qdv.dll,6.06.7601.17514 Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7601.17713 Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7601.17514 ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7601.17713 Video Renderer,0x00800001,1,0,quartz.dll,6.06.7601.17713 MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7601.17528 Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7601.17835 Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7601.17713 Video Renderer,0x00400000,1,0,quartz.dll,6.06.7601.17713 File Writer,0x00200000,1,0,WLXVAFilt.dll,16.04.3503.0728 VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7601.17514 WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7601.17514 VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7601.17514 File writer,0x00200000,1,0,qcap.dll,6.06.7601.17514 iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7601.17514 iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7601.17514 DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7601.17835 Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7601.17835 AVI Draw,0x00600064,9,1,quartz.dll,6.06.7601.17713 RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll, Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7601.17514 WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7601.17514 MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7601.17528 DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7601.17514 SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7601.17514 Null Renderer,0x00200000,1,0,qedit.dll,6.06.7601.17514 MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7601.17514 Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7601.17514 StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7601.17528 Smart Tee,0x00200000,1,2,qcap.dll,6.06.7601.17514 Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7601.17835 AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7601.17713 AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7601.17713 Wave Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7601.17713 File stream renderer,0x00400000,1,1,quartz.dll,6.06.7601.17713 Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000 StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7601.17528 AVI Mux,0x00200000,1,0,qcap.dll,6.06.7601.17514 Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7601.17713 File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7601.17713 File Source (URL),0x00400000,0,1,quartz.dll,6.06.7601.17713 Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7601.17514 Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7601.17514 BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7601.17669 MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7601.17713 IL FL Studio DXi,0x00200000,1,1,FLSTUD~2.DLL,1.00.0013.0000 IL Multi FL Studio DXi,0x00200000,1,1,FLSTUD~1.DLL,1.00.0013.0000 WDM Streaming Tee/Splitter Devices: Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Video Compressors: WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385 WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385 MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385 DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7601.17514 MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7601.17713 Cinepak Codec von Radius,0x00200000,1,1,qcap.dll,6.06.7601.17514 Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7601.17514 Intel IYUV Codec,0x00200000,1,1,qcap.dll,6.06.7601.17514 Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7601.17514 Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7601.17514 Audio Compressors: WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385 WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385 IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 PCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode1),0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode2),0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode3),0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode1+),0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode2+),0x00200000,1,1,quartz.dll,6.06.7601.17713 Ogg Vorbis (mode3+),0x00200000,1,1,quartz.dll,6.06.7601.17713 Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7601.17713 GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7601.17713 Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7601.17713 CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713 CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7601.17713 MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7601.17713 Audio Capture Sources: Mikrofon (DN-MC6000),0x00200000,0,0,qcap.dll,6.06.7601.17514 Mikrofon (Realtek High Definiti,0x00200000,0,0,qcap.dll,6.06.7601.17514 PBDA CP Filters: PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7601.17528 PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528 PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7601.17528 Midi Renderers: Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7601.17713 DN-MC6000,0x00200000,1,0,quartz.dll,6.06.7601.17713 Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7601.17713 WDM Streaming Capture Devices: Realtek HD Audio Line input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HD Audio Mic input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HD Audio Stereo input,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 CyberLink Webcam Splitter,0x00200000,0,1,ksproxy.ax,6.01.7601.17514 DN-MC6000,0x00200000,4,4,ksproxy.ax,6.01.7601.17514 BisonCam, NB Pro,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 WDM Streaming Rendering Devices: Realtek HD Audio output,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Realtek HDA SPDIF Out,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Intel(R) Display Audio Output 1,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 DN-MC6000,0x00200000,4,4,ksproxy.ax,6.01.7601.17514 BDA Network Providers: Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7601.17514 Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7601.17514 Video Capture Sources: CyberLink Webcam Splitter,0x00200000,0,1,ksproxy.ax,6.01.7601.17514 BisonCam, NB Pro,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Multi-Instance Capable VBI Codecs: VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7601.17514 BDA Transport Information Renderers: BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7601.17669 MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7601.17514 BDA CP/CA Filters: Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7601.17708 Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7601.17708 PTFilter,0x00200000,0,0,EncDec.dll,6.06.7601.17708 XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7601.17708 WDM Streaming Communication Transforms: Tee/Sink-to-Sink-Konvertierung,0x00200000,1,1,ksproxy.ax,6.01.7601.17514 Audio Renderers: Lautsprecher (DN-MC6000),0x00200000,1,0,quartz.dll,6.06.7601.17713 Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7601.17713 Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: Lautsprecher (DN-MC6000),0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: Lautsprecher (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713 DirectSound: PL2409HD (Intel(R) Display Audio),0x00200000,1,0,quartz.dll,6.06.7601.17713 Lautsprecher (Realtek High Defi,0x00200000,1,0,quartz.dll,6.06.7601.17713 PL2409HD (Intel(R) Display Audi,0x00200000,1,0,quartz.dll,6.06.7601.17713 --------------- EVR Power Information --------------- Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality) Quality Flags: 2576 Enabled: Force throttling Allow half deinterlace Allow scaling Decode Power Usage: 100 Balanced Flags: 1424 Enabled: Force throttling Allow batching Force half deinterlace Force scaling Decode Power Usage: 50 PowerFlags: 1424 Enabled: Force throttling Allow batching Force half deinterlace Force scaling Decode Power Usage: 0 Werde jetzt gleich noch Malwarebyte und Spybot durchlaufen lassen... Wenn irgendwie möglich würde ich gerne ein Neuaufsetzen des Laptops verhindern, da ich ihn in Kürze für einen DJ Auftritt benötige und mir ungerne sämtliche Einstellungen über den Haufen schießen möchte... Wenn ihr noch irgendwelche Informatinonen braucht, sagt einfach bescheit! Bedanke mich schon mal im Vorraus für jegliche Hilfe, bin grade mehr oder weniger am verzweifeln. Mit freundlichen Grüßen Baumkind / Lukas |
|
27.09.2012, 13:44
| #3 |
| /// Helfer-Team  | 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Leider hast du durch deine Antwort dein Thema vergraben. Ist das Problem noch aktuell?
__________________ |
|
27.09.2012, 20:19
| #4 |
| | 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Also, das Problem mit der IP besteht noch, allerdings habe ich eine Mögliche Erklärung gefunden. Da ich zur Zeit in einem Wohngebiet in Moskau wohne, vermute ich dass meine IP vom Hauptrouter des Gebietes erkannt wird, da meines Wissens alles über den geroutet ist, kann aber sein dass ich mich täusche. Virenscans mit sämtlichen Programmen haben nichts ergeben, vermute also mal, dass mein PC noch in Ordnung ist. Hätte aber eine andere Frage, welche mich eigentlich erst auf das IP Problem gebracht hat. Wollte mit ein paar Freunden Torchlight 2 spielen, allerdings habe ich das Problem, dass mir kein Spieler joinen kann und ich andersherum auch niemandem joinen kann. Ich habe eine fest zugewiesene IP-Adresse und den benötigten Port geforwarded. Trotzdem will mich mein Router oder was auch immer einfach nicht connecten lassen. Hier mal die Log-Daten meines letzten Connects: [18:16:44] Open logfile: [Torchlight2] on [2012.09.22] at [18:16:44] [18:16:44] Generic Game pointer: 0C587800 [18:16:44] Generic DRM initialized [18:16:45] Generic Initializing root [18:16:45] Generic Creating Sound Manager [18:16:45] Generic Reading in manifest file: PAKS/DATA.PAK.MAN [18:16:47] Generic Creating Sound Manager [18:16:47] Generic Running Configuration [18:16:48] Generic Getting custom attribute from window [18:16:48] Generic Choosing Scene Manager. [18:16:48] Generic Creating Camera [18:16:48] Generic Creating Viewports. [18:16:48] Generic Resizing window. [18:16:48] Generic Setting default mipmaps. [18:16:48] Generic Creating frame listeners. [18:16:48] Generic geting custom window attribute. [18:16:48] Generic Adding window event listener. [18:16:48] Generic Adding window listener. [18:16:48] Generic Creating Game Client. [18:16:49] Generic Creating materials [18:16:49] Net WARNING Net error reading UDP message. 10009: Das angegebene Dateihandle ist ungültig. [18:17:29] Lobby Attempting to connect to lobby server at [66.151.133.120:4549] [18:17:29] Net Attempt to connect to server at [66.151.133.120:4549] [18:17:29] Net Client 1 successfully connected. [18:17:29] Net Connected to client 1, sending NetConnectMsg. [18:17:30] Net Client 1 received NetConnectOkMsg with key 00000000. [18:17:30] Lobby Lobby server set my key to 02621b85 [18:17:30] Net Attempting to set up UPnP port forwarding. [18:17:31] Net Got port mapping change callback, looking for our mapping... [18:17:32] Lobby Making NAT test connection to 66.151.133.115:4175 [18:17:32] Net Test connection starting... [18:17:32] Net Created new UDP client 100 for remote endpoint 66.151.133.115:4175. [18:17:32] Net Client 100 attempting connection... [18:17:32] Lobby FRIENDS: clearing friends list [18:17:32] Lobby FRIENDS: incremented friends version to 1 [18:17:32] Lobby FRIENDS: Received friend Mantt(728889), flags 03 [18:17:32] Lobby FRIENDS: incremented friends version to 2 [18:17:32] Lobby FRIENDS: Received friend Bazigeddon(729984), flags 03 [18:17:32] Lobby FRIENDS: incremented friends version to 3 [18:17:32] Lobby FRIENDS: Received friend maxilo75(805872), flags 13 [18:17:32] Lobby FRIENDS: incremented friends version to 4 [18:17:32] Generic FRIENDS: UI has 0 entries, updated to version 4. [18:17:32] Generic FRIENDS: UI has 3 entries, updated to version 4. [18:17:38] Net Inactivity of 6.01 > timeout of 20.00, disconnecting client 100. [18:17:38] Net Client 100 added to disconnection list. [18:17:38] Net Test connection failed. [18:17:39] Net Found NAT IGD Name:"DLink ADSL Router" Desc:"DLink single-chip ADSL router" Brand:"DLink" Model:"DSL-2500U" Model#:"340804" [18:17:39] Net Adding UPnP port mapping for UDP/4171 to 192.168.1.3:4171 [18:17:40] Net Successfully initialized UPnP COM objects. [18:17:45] Net Got port mapping change callback, looking for our mapping... [18:17:50] Generic FRIENDS: UI has 3 entries, updated to version 4. [18:17:50] Generic FRIENDS: UI has 0 entries, updated to version 4. [18:17:50] Generic FRIENDS: UI has 3 entries, updated to version 4. [18:17:50] Generic FRIENDS: UI has 0 entries, updated to version 4. [18:17:52] Net WARNING CClientConnectController::update got state 0 from PeerManager. [18:17:52] Lobby Requesting the LobbyServer connect us to peer 020d9b65 [18:17:53] Lobby Lobby server said to connect to peer 020d9b65 [18:17:53] Net Recieved AttemptConnect message for public:83.237.228.248:4006 private:192.168.1.24:4006 makeClient=true [18:17:53] Net Created new UDP client 101 for remote endpoint 83.237.228.248:4006. [18:17:53] Net Client 101 attempting connection... [18:17:53] Net Created new UDP client 102 for remote endpoint 192.168.1.24:4006. [18:17:53] Net Client 102 attempting connection... [18:18:02] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 101. [18:18:02] Net Client 101 added to disconnection list. [18:18:02] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 102. [18:18:02] Net Failed outbound connections to 020d9b65, starting wait for back-connect or relay... [18:18:02] Net Client 102 added to disconnection list. [18:18:02] Net Calling disconnect callback for client 102. [18:18:02] Net Client 102 (key 00000000) has disconnected. Current owner is -1. [18:18:02] Net Deleting client 102. [18:18:02] Lobby Lobby server said to relay-connect to peer 020d9b65 [18:18:02] Net Created new UDP client 103 for remote endpoint 66.151.133.115:4171. [18:18:02] Net Created new UDP client 104 for remote endpoint 0.0.0.0:0. [18:18:02] Net Client 104 attempting connection... [18:18:06] Net Calling PeerManager:  isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME[18:18:06] Net NetManager: isconnect: sending Disconnect Message to All.[18:18:06] Net NetManager::Close() [18:18:06] Net Client 103 sending Close message. [18:18:06] Net Client 104 sending Close message. [18:18:06] Net Calling PeerManager: isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME[18:18:06] Net NetManager: isconnect: sending Disconnect Message to All.[18:18:06] Net NetManager::Close() [18:18:06] Net WARNING CClientConnectController::update got state 0 from PeerManager. [18:18:21] Lobby FRIENDS: Updating known friend Mantt(728889), flags 13 [18:18:21] Lobby FRIENDS: incremented friends version to 5 [18:18:21] Generic FRIENDS: UI has 0 entries, updated to version 5. [18:18:21] Generic FRIENDS: UI has 3 entries, updated to version 5. [18:18:44] Net WARNING CClientConnectController::update got state 0 from PeerManager. [18:18:44] Lobby Requesting the LobbyServer connect us to peer 020d9b65 [18:18:44] Lobby Lobby server said to connect to peer 020d9b65 [18:18:44] Net Recieved AttemptConnect message for public:83.237.228.248:4006 private:192.168.1.24:4006 makeClient=true [18:18:44] Net Created new UDP client 105 for remote endpoint 83.237.228.248:4006. [18:18:44] Net Client 105 attempting connection... [18:18:44] Net Created new UDP client 106 for remote endpoint 192.168.1.24:4006. [18:18:44] Net Client 106 attempting connection... [18:18:54] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 105. [18:18:54] Net Client 105 added to disconnection list. [18:18:54] Net Inactivity of 9.35 > timeout of 20.00, disconnecting client 106. [18:18:54] Net Client 106 added to disconnection list. [18:18:54] Net Calling disconnect callback for client 106. [18:18:54] Net Client 106 (key 00000000) has disconnected. Current owner is -1. [18:18:54] Net Deleting client 106. [18:18:54] Net Calling PeerManager: isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME[18:18:54] Net NetManager: isconnect: sending Disconnect Message to All.[18:18:54] Net NetManager::Close() [18:18:54] Net Calling PeerManager: isconnect because we got KINPUT_EVENT_NETWORK_DISCONNECT_GAME[18:18:54] Net NetManager: isconnect: sending Disconnect Message to All.[18:18:54] Net NetManager::Close() [18:18:54] Net WARNING CClientConnectController::update got state 0 from PeerManager. [18:19:03] Net NetManager: isconnect: sending Disconnect Message to All.[18:19:03] Net Shutting down TCP client, reason: End of file [18:19:03] Net TCPNetManager::Close() [18:19:04] Net WARNING BufferPool clearing with 25 messages (9229 bytes) outstanding. Highest allocation count was 10389. Mir konnte bei diesem Problem leider bis jetzt niemand helfen, die Tipps des Torchlight Supports haben nichts bewirkt (UPnP aktivieren (war schon an), den UDP Port im local_settings.txt file ändern). Bin mir zur Zeit nicht sicher ob ich die aktuellste Firmware auf meinem Router habe, muss ich gleich noch schnell checken... wäre das letzte was mir als Problemverursacher einfallen würde... Mfg Lukas / Baumkind |
|
27.09.2012, 20:26
| #5 |
| /// Helfer-Team | 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen. Diese Nacheinander abarbeiten und die 4 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen. Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern mede dies bitte. 1. Schritt Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE:64bit: - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\..\SearchScopes,DefaultScope = {7938087C-7958-4B93-979E-5706042D5497}
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3664255064-580672183-1075423204-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{1534994e-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{15349951-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{153499ff-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell - "" = AutoRun
O33 - MountPoints2\{15349a01-dd45-11e1-94a8-8c89a5024998}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4711b8-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4711c6-d88f-11e1-a0d0-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{9ab69ed5-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell - "" = AutoRun
O33 - MountPoints2\{9ab69ed8-da4a-11e1-9caa-685d435024cc}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe
[6 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[2012.08.31 17:29:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 17:29:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.31 17:29:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.31 17:29:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.31 17:29:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.31 17:29:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
:Files
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Baumkind\*.tmp
C:\Users\Baumkind\AppData\Local\{*}
C:\Users\Baumkind\AppData\Local\Temp\*.exe
C:\Users\Baumkind\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
ipconfig /flushdns /c
:Commands
[emptytemp]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! 2. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 3. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
4. Schritt
|
|
13.11.2012, 21:43
| #6 |
| /// Helfer-Team | 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________ --> 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. |
|
| Themen zu 79.111.*.* - Werde im Netz unter einer Falschen IP-Adresse erkannt und in Foren als Spambot geblockt. |
| antivir, askbar, avira, bho, bonjour, converter, desktop, error, fehler, firefox, flash player, google, helper, home, install.exe, ip-adresse, logfile, mozilla, mp3, msvcrt, nvidia update, nvpciflt.sys, plug-in, problem, programm, realtek, recycle.bin, registry, root kit, safer networking, scan, software, spambot, spark, teamspeak, usb, usb 3.0, vodafone, windows, wscript.exe |
Linear-Darstellung
