Locked by automatic information control

Hello, unfortunately my PC has apparently been infected, and I am now suffering from the problem of the PC being locked by the automatic information control!
I am currently running in safe mode with networking, and there are no noticeable problems at all!
If I have read up on this correctly, I should run OTL.exe with the appropriate settings and post the text of the two files here. Diese hänge i
Quote:
Quote from Extras.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 23.09.2012 12:02:18 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Josh\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,00 Gb Total Physical Memory | 4,10 Gb Available Physical Memory | 81,96% Memory free
10,14 Gb Paging File | 9,39 Gb Available in Paging File | 92,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 498,51 Gb Total Space | 230,75 Gb Free Space | 46,29% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 152,39 Gb Free Space | 65,44% Space Free | Partition Type: NTFS
Computer Name: JOSH-PC | User Name: Josh | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = B5 9E EE A7 76 CF CB 01 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{160D19DD-BC58-4E7E-8506-C89C152F8FFF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BD3E4155-750F-4C3A-A5FE-9FE98FEE1179}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F2032B-42BE-467D-AD98-AEE25DDE6348}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{02A20A6B-8691-4A3C-B10F-1C067C751D0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{09B404C9-FB05-4940-A14E-FB25BD744813}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\theatre of war\missioneditor\missiongen.exe |
"{0CD5248B-E8E1-470C-B27A-9FDCD8E95ABE}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{0EAAD489-88D2-4B22-9C49-2973CD18F026}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dxhrml\dxhrml.exe |
"{0F5BC3C9-1106-4A1C-AA84-B52F87EDF65C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{0FBCD604-EBFB-49FC-B8D6-F959C9C6D542}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{226B4757-894D-4E4A-A81A-B57777157EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{24AE56D0-8A57-42EC-B67F-C017BDA103EE}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{27DF2E70-F809-4260-A1FC-152DADD7C425}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lara croft and the guardian of light\lcgol.exe |
"{2BC4CDF2-3E27-403D-A3B7-E805D410311A}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{34DEB79E-636E-4BA0-B579-8D738D0E3DB2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{3C178E0A-5F8D-4CA8-9ED8-386B3F70177C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{3CFB5E3C-68B0-49A3-83E6-C23886D1910B}" = protocol=17 | dir=in | app=d:\games\forces of corruption\swfoc.exe |
"{44E34E4D-FC5E-4526-ADB8-54501927A68D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{4B136BCA-6A52-436F-BFED-B4662792C65C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex invisible war\system\dx2.exe |
"{4B64B724-1DF8-49F4-8F68-B02EF7486967}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4EB9DFBD-DB95-4E71-9370-334C146B1A04}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{4F97F431-BAEC-4AE3-9B87-EF4236A27AA6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\steamproxy.exe |
"{50E49DE5-FD94-4DAC-AAEA-0FA50CCE5681}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5262BED9-BC20-41BC-85C4-0397A5881D78}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{592B1B9A-E200-4144-8E9C-D4CDED01DB98}" = protocol=6 | dir=in | app=d:\games\forces of corruption\swfoc.exe |
"{5C9EA48B-A929-4A47-AB69-4191C00B9B79}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\redorchestra2beta\binaries\win32\rogame.exe |
"{6535FE6A-708A-4046-93CB-B97E59DDEB6E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\theatre of war\missioneditor\editor.exe |
"{6592D12D-C999-483E-B575-997A38DA2A43}" = protocol=17 | dir=in | app=d:\games\diablo iii\diablo iii.exe |
"{65DC7B70-00F6-492A-8E72-1B9E618AC28D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{674B6A96-DA52-4900-952C-60167D9B3452}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{688A6D3E-E891-4A6A-A20E-95BADA50FAC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{6E46230B-BC3E-4206-946F-658AB480D18A}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{6EA171E7-8D30-49AE-B21D-462FFE71D388}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{721BEE5A-403B-4961-B183-8404040261D7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{721DF76E-1F9E-4854-A09B-5D30DA6B1A4F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{79F4277C-D432-43A4-859F-686D99E71584}" = protocol=6 | dir=in | app=d:\games\diablo iii\diablo iii.exe |
"{7BBBC973-4B23-47A5-B871-32E0B865C7D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dxhrml\dxhrml.exe |
"{7EC46A99-DEDE-49D4-A952-EA906C0C8363}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7F359659-9CD3-40F3-9286-884E9220D60C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\deus ex invisible war\system\dx2.exe |
"{89670DD9-0BB3-4681-8288-2A50E8B1D857}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{8A6447FF-5D9E-475B-B19D-3874647B1D02}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8CD6C83C-DC6B-430C-B99C-0FC4E7D35678}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{91B1E305-7643-45AA-99B5-32CC1A0BBC3E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\steamproxy.exe |
"{92378756-B148-4153-A3BD-63740B5BD659}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{95F68F88-9A63-42D7-AD94-8D5B9BA0ED26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{9664D13E-78F2-4622-A839-C24B9CC6CE96}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{98AFF6D5-A3D2-4F8F-914A-EF2CD7627E6C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{99476884-A321-4853-A93E-B14D2DF33443}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{9AF5088F-0F7E-43BC-AAF3-1AF03B5637EB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{9BDADD8B-00F3-4DCC-A163-E73A5A8EB172}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\theatre of war\missioneditor\missiongen.exe |
"{9C9E56D1-9443-4A59-BF4A-68EF5CBF94D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\steamexpansionapp.exe |
"{A2D2D1E7-7F5F-4A87-9F54-BC1DB7B4C8C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\redorchestra2beta\binaries\win32\rogame.exe |
"{A37CC209-6931-466A-970D-B60FD5CE71B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\theatre of war\missioneditor\editor.exe |
"{A7EB3210-7938-436F-819F-D0702956865C}" = protocol=17 | dir=in | app=d:\games\empire at war\gamedata\sweaw.exe |
"{A85BA803-9E7B-4271-913F-E6DE80928004}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{A86049B7-FEE3-4494-9059-3F39D5668F09}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{AA801FCF-2BA1-4230-80DF-93AE167EC0FB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{AAE793F2-B8BC-490A-B363-B57D84061D36}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{B05693D5-DD25-4389-91D3-49CA8AB9B433}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra\system\redorchestra.exe |
"{B22C9717-2CDB-4271-9D37-643121A0BCFA}" = protocol=6 | dir=in | app=d:\games\empire at war\gamedata\sweaw.exe |
"{B552F613-C195-4F88-A27B-97567A97D558}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{BDE1A23A-9ECB-4A23-AE5E-D4E892BC77B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{C18A52ED-AC63-4F4E-B2C4-6E1D6B9CA98E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{C3DC0E3D-8E96-4658-BD3A-B572F5BA95D3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C4007983-536E-4683-B20F-D809ED9BB160}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C76F6137-2E86-431A-8D83-6B915E6ACE8B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C9E71FE3-3CD3-4C8D-A65E-ED39B8C3D8F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\steamexpansionapp.exe |
"{CC6A5F72-FF1A-4751-BB2C-C225D143DE84}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{CC97D4DB-9EF9-49D9-B3EB-2E98219B4994}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{CD6037AF-9DC1-40E2-A5A8-CE3442626F9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\launcheflc.exe |
"{D122300C-3117-4519-97C0-55888F29C301}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\config.exe |
"{D337EF92-6D0C-4218-B24F-9F692E877795}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{D836F972-7164-4701-967D-1B79AAC6DB17}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lara croft and the guardian of light\lcgol.exe |
"{DA615663-7F23-4DD9-9946-BEAAAF90B3C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra\system\redorchestra.exe |
"{DC964A09-8A40-4A85-A659-43E4D64A0723}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{E0A56B3C-66CD-482D-903C-B3BCD9C71A1C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F4772B56-6B16-4D9D-9F83-AFE472289739}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\launchgtaiv.exe |
"{FC928022-EA8E-4EBD-85C7-0900E8A8168B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\race 07\config.exe |
"{FFC69733-CE8F-4889-9D56-986EFDA606C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"TCP Query User{140E936F-39AA-46EE-ADC7-372F14E5B51C}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe |
"TCP Query User{2FD15FAA-FF2A-46B5-8A33-9EC7694E84CC}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{34722618-696C-4020-B279-60E8AA7FECC0}C:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"TCP Query User{41BB3871-CD03-4D42-9493-DAFDF39BF71D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"TCP Query User{452D3DBC-997B-4229-8CDE-D2118A2F4A7A}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"TCP Query User{88CA6EB0-84A3-4BB0-858A-8BC61C30F86A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{AFD987F8-3BED-46EA-9EDE-2442BE232154}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{B8295DFB-278C-4651-BF72-0020F0B13AA7}C:\program files (x86)\steam\steamapps\common\lost planet colonies\lostplanetcoloniesdx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lost planet colonies\lostplanetcoloniesdx9.exe |
"TCP Query User{D706631D-6863-4F43-BEEC-8C5C4B4FB34F}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{DFEEB064-C343-409E-ADBE-44F0D81F2A0B}C:\program files (x86)\steam\steamapps\marcusergalla2005\insurgency\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\insurgency\hl2.exe |
"UDP Query User{11C4F65B-ED00-40ED-9AE2-CC94826BBA34}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{1A3B81DC-2E7A-42C8-B0B9-C6C215C384C5}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{1AFD339D-BF31-4AC0-BFB1-4E5831674E48}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{382AEA2D-9BC6-4D28-B5B4-2DF9FDACA0CC}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe |
"UDP Query User{42C7438E-BEA4-45B0-8565-1DBBCB6F6E16}C:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\juiced 2 hot import nights\juiced2_hin.exe |
"UDP Query User{B72E2653-BDF0-43DC-B0CA-D097D0869084}C:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fable 3\fable3.exe |
"UDP Query User{C8AFE408-8AAD-4087-A0AD-DD08C82A7B0B}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe |
"UDP Query User{CFC6B47B-68E7-4404-976D-5D7EADDF1938}C:\program files (x86)\steam\steamapps\marcusergalla2005\insurgency\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\marcusergalla2005\insurgency\hl2.exe |
"UDP Query User{E211C88C-0E6F-46E7-B748-EB087A1D39DB}C:\program files (x86)\steam\steamapps\common\lost planet colonies\lostplanetcoloniesdx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\lost planet colonies\lostplanetcoloniesdx9.exe |
"UDP Query User{E47A2E61-2B01-4BB5-BE96-49E3069E210A}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8753DF4D-64B0-474E-9A97-0AB5585D9A53}" = Logitech Gaming Software 5.04
"{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1234C1F4-603F-4C34-8796-3544CF8A83F5}" = Facebook Messenger 2.1.4631.0
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F311E72-C27F-4DF0-8254-B739A1831668}_is1" = SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA507A38-4B2A-40C0-90AC-E30AAA0B757C}" = Vegas Movie Studio Platinum 9.0
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{F6C5F1A1-F459-498F-A50A-EE6C80799D3B}" = Cinescore Studio 1.0
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"BattlEye" = BattlEye Uninstall
"CarrierCommand" = CarrierCommand Uninstall
"DarthMod Ultimate Commander Edition" = DarthMod Ultimate Commander Edition
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Fraps" = Fraps
"Gothic" = Gothic
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"NAVIGON Fresh" = NAVIGON Fresh 3.3.2
"NewBlue Cartoonr for Vegas" = NewBlue Cartoonr for Vegas
"OpenAL" = OpenAL
"Opera 12.02.1578" = Opera 12.02
"PunkBusterSvc" = PunkBuster Services
"Steam App 104320" = Red Orchestra 2: Heroes of Stalingrad Beta
"Steam App 1200" = Red Orchestra: Ostfront 41-45
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 1280" = Darkest Hour: Europe '44-'45
"Steam App 12900" = Audiosurf
"Steam App 201280" = Deus Ex: Human Revolution - The Missing Link
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 220" = Half-Life 2
"Steam App 22330" = The Elder Scrolls IV: Oblivion
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35130" = Lara Croft and the Guardian of Light
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 380" = Half-Life 2: Episode One
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 44620" = STCC II
"Steam App 44630" = RACE 07 - Formula RaceRoom Add-On
"Steam App 44650" = GT Power Expansion
"Steam App 44660" = The Retro Expansion
"Steam App 44670" = The WTCC 2010 Pack
"Steam App 6920" = Deus Ex: Invisible War
"Steam App 8600" = RACE 07
"STLFR_eng_is1" = 'Steel Fury - Kharkov 1942'
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"U-Boote: Schlacht im Mittelmeer" = U-Boote: Schlacht im Mittelmeer
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.09.2012 09:43:29 | Computer Name = Josh-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.09.2012 00:58:52 | Computer Name = Josh-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Photoshop.exe, Version 8.0.1.0, Zeitstempel
0x3fa7b7bb, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f,
Ausnahmecode 0xc0000005, Fehleroffset 0x00060bb0, Prozess-ID 0x4040, Anwendungsstartzeit
01cd97b5a6b81f65.
Error - 21.09.2012 00:58:54 | Computer Name = Josh-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Photoshop.exe, Version 8.0.1.0, Zeitstempel
0x3fa7b7bb, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f,
Ausnahmecode 0xc0000005, Fehleroffset 0x00053287, Prozess-ID 0x4040, Anwendungsstartzeit
01cd97b5a6b81f65.
Error - 21.09.2012 00:59:55 | Computer Name = Josh-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Photoshop.exe, Version 8.0.1.0, Zeitstempel
0x3fa7b7bb, fehlerhaftes Modul Photoshop.exe, Version 8.0.1.0, Zeitstempel 0x3fa7b7bb,
Ausnahmecode 0xc0000005, Fehleroffset 0x0040df52, Prozess-ID 0x618, Anwendungsstartzeit
01cd97b5cfd8afe5.
Error - 21.09.2012 00:59:57 | Computer Name = Josh-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Photoshop.exe, Version 8.0.1.0, Zeitstempel
0x3fa7b7bb, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f,
Ausnahmecode 0xc0000005, Fehleroffset 0x00053287, Prozess-ID 0x618, Anwendungsstartzeit
01cd97b5cfd8afe5.
Error - 22.09.2012 09:42:34 | Computer Name = Josh-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.09.2012 09:43:56 | Computer Name = Josh-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.09.2012 10:52:03 | Computer Name = Josh-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Photoshop.exe, Version 8.0.1.0, Zeitstempel
0x3fa7b7bb, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f,
Ausnahmecode 0xc0000005, Fehleroffset 0x00053800, Prozess-ID 0xbd8, Anwendungsstartzeit
01cd98cf7af5403d.
Error - 22.09.2012 21:19:11 | Computer Name = Josh-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL".
Die
abhängige Assemblierung "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.09.2012 21:19:55 | Computer Name = Josh-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 23.09.2012 05:53:11 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.09.2012 05:53:11 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.09.2012 05:53:11 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.09.2012 05:53:11 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.09.2012 05:59:21 | Computer Name = Josh-PC | Source = DCOM | ID = 10005
Description =
Error - 23.09.2012 05:59:28 | Computer Name = Josh-PC | Source = DCOM | ID = 10005
Description =
Error - 23.09.2012 05:59:46 | Computer Name = Josh-PC | Source = DCOM | ID = 10005
Description =
Error - 23.09.2012 05:59:46 | Computer Name = Josh-PC | Source = DCOM | ID = 10005
Description =
Error - 23.09.2012 06:00:37 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.09.2012 06:00:37 | Computer Name = Josh-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
--- --- ---
Quote:
Quote from OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 23.09.2012 12:02:18 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Josh\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,00 Gb Total Physical Memory | 4,10 Gb Available Physical Memory | 81,96% Memory free
10,14 Gb Paging File | 9,39 Gb Available in Paging File | 92,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 498,51 Gb Total Space | 230,75 Gb Free Space | 46,29% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 152,39 Gb Free Space | 65,44% Space Free | Partition Type: NTFS
Computer Name: JOSH-PC | User Name: Josh | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Josh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\DRIVERS\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdLH6.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\DRIVERS\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\DRIVERS\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmHidLo) -- C:\Windows\SysNative\drivers\WmHidLo.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\DRIVERS\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\DRIVERS\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (AmdLLD64) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (AMD, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (AODDriver4.1) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10013&barid={81F12D75-055C-11E2-B919-002421B513CD}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10013&barid={81F12D75-055C-11E2-B919-002421B513CD}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110184&tt=120912_pcp_3812_3&babsrc=HP_ss&mntrId=aaa805bd0000000000000022436b5ea6
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=110184&tt=120912_pcp_3812_3&babsrc=HP_ss&mntrId=aaa805bd0000000000000022436b5ea6
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CB D9 6F D6 A7 96 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110184&tt=120912_pcp_3812_3&babsrc=SP_ss&mntrId=aaa805bd0000000000000022436b5ea6
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10013&barid={81F12D75-055C-11E2-B919-002421B513CD}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Josh\AppData\Local\Facebook\Messenger\2.1.4631.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.09.23 11:12:28 | 000,000,000 | ---D | M]
[2012.09.23 11:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Josh\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [toieivqokhvxirr] C:\ProgramData\toieivqo.exe ()
O4 - HKLM..\RunOnce: [awdevlcvideoconverter3058] File not found
O4 - Startup: C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Josh\AppData\Local\Facebook\Messenger\2.1.4631.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.62.62 78.42.43.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82A8B594-E807-455B-BC1F-4BA43A7F8785}: DhcpNameServer = 82.212.62.62 78.42.43.62
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Josh\Pictures\Hintergründe\Unbenannt-1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Josh\Pictures\Hintergründe\Unbenannt-1.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{446a256d-36b7-11e0-88bc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{446a256d-36b7-11e0-88bc-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchEAWG.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.23 12:01:19 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012.09.23 11:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\obgeqakwkgcexbs
[2012.09.23 11:35:29 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.09.23 11:15:04 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2012.09.23 11:15:04 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2012.09.23 11:15:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2012.09.23 11:15:04 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2012.09.23 11:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2012.09.23 11:13:26 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.09.23 11:13:25 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.09.23 11:13:25 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.09.23 11:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012.09.23 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\TuneUp Software
[2012.09.23 11:13:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2012.09.23 11:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.09.23 11:13:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.09.23 11:13:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.09.23 11:12:58 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drvc.dll
[2012.09.23 11:12:58 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2012.09.23 11:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012.09.23 11:12:57 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2012.09.23 11:12:57 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2012.09.23 11:12:57 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2012.09.23 11:12:57 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2012.09.23 11:12:57 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2012.09.23 11:12:57 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2012.09.23 11:12:57 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2012.09.23 11:12:57 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2012.09.23 11:12:56 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2012.09.23 11:12:56 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2012.09.23 11:12:55 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2012.09.23 11:12:36 | 000,000,000 | ---D | C] -- C:\Users\Josh\Start Menu
[2012.09.23 11:12:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012.09.23 11:12:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012.09.23 11:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.09.23 11:12:27 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\BabylonToolbar
[2012.09.23 11:12:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2012.09.23 11:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.23 11:12:10 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Babylon
[2012.09.23 11:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.09.23 11:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2012.09.23 11:01:58 | 051,531,533 | ---- | C] (eRightSoft ) -- C:\Users\Josh\Desktop\SUPERsetup.exe
[2012.09.23 10:57:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.09.23 10:56:45 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\{87FCE318-5E20-429E-9898-8054CFFFFC45}
[2012.09.23 10:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2012.09.23 10:56:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2012.09.23 10:46:29 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\Wajam
[2012.09.23 10:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012.09.23 03:00:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.23 03:00:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.23 03:00:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.23 03:00:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.23 03:00:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.23 03:00:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.23 03:00:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.23 03:00:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.23 03:00:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.23 03:00:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.23 03:00:45 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.23 03:00:45 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.23 03:00:43 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.23 03:00:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.23 03:00:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.15 19:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.09.15 19:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.09.15 19:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.09.11 21:42:52 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\R1 2013
[2012.09.08 20:05:20 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\l
[2012.09.08 20:02:14 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\Neuer Ordner
[2012.09.08 16:53:51 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012.08.24 19:38:06 | 000,000,000 | ---D | C] -- C:\Users\Josh\Documents\NBGI
[2012.08.24 19:35:02 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Local\NBGI
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.23 12:01:19 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012.09.23 12:00:24 | 000,001,356 | ---- | M] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat
[2012.09.23 11:59:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 11:49:32 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 11:49:32 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 11:42:59 | 191,899,648 | ---- | M] () -- C:\Users\Josh\Desktop\MF MartinQ Zolder 19 05 2012 Minder snel sessie 3.mp4.MPG
[2012.09.23 11:37:37 | 000,076,350 | ---- | M] () -- C:\ProgramData\pxynlfilspfluac
[2012.09.23 11:35:32 | 000,087,040 | ---- | M] () -- C:\ProgramData\toieivqo.exe
[2012.09.23 11:35:32 | 000,087,040 | ---- | M] () -- C:\Users\Josh\0.9440952711130924.exe
[2012.09.23 11:35:08 | 041,773,056 | ---- | M] () -- C:\Users\Josh\Desktop\Dutch Adrenalin # 3 Lalala.mp4.MPG
[2012.09.23 11:29:52 | 171,024,384 | ---- | M] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852.mp4.MPG
[2012.09.23 11:23:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.23 11:20:30 | 060,667,904 | ---- | M] () -- C:\Users\Josh\Desktop\Dutch Adrenalin #4 Rasen ist in!.mp4.MPG
[2012.09.23 11:13:23 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.09.23 11:13:23 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.09.23 11:12:18 | 000,000,315 | ---- | M] () -- C:\user.js
[2012.09.23 11:12:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1775772143-215352430-2348080800-1008UA.job
[2012.09.23 11:03:39 | 051,531,533 | ---- | M] (eRightSoft ) -- C:\Users\Josh\Desktop\SUPERsetup.exe
[2012.09.23 10:55:55 | 000,000,219 | ---- | M] () -- C:\Users\Josh\Desktop\Search the Web.url
[2012.09.23 10:55:55 | 000,000,213 | ---- | M] () -- C:\Users\Josh\Desktop\SweetPcFix.url
[2012.09.23 10:55:20 | 000,161,904 | ---- | M] () -- C:\Users\Josh\Desktop\VLCVideoConverterSetup.exe
[2012.09.23 10:53:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1775772143-215352430-2348080800-1000UA.job
[2012.09.23 10:52:38 | 000,000,000 | ---- | M] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852_0.mov
[2012.09.23 10:45:21 | 001,127,320 | ---- | M] () -- C:\Users\Josh\Desktop\VideoConverterSetup.exe
[2012.09.23 08:12:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1775772143-215352430-2348080800-1008Core.job
[2012.09.22 23:02:14 | 394,383,841 | ---- | M] () -- C:\Users\Josh\Desktop\MF MartinQ Zolder 19 05 2012 Minder snel sessie 3.mp4
[2012.09.22 23:00:53 | 240,001,155 | ---- | M] () -- C:\Users\Josh\Desktop\MF MartinQ Mettet 7 Juni 2012 Rookies sessie 2.no-conversion
[2012.09.22 22:54:52 | 088,029,377 | ---- | M] () -- C:\Users\Josh\Desktop\Dutch Adrenalin # 3 Lalala.mp4
[2012.09.22 22:53:20 | 077,297,487 | ---- | M] () -- C:\Users\Josh\Desktop\Circuit Zolder 31-08-12 + 01-09-12 compilatie.no-conversion
[2012.09.22 22:53:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1775772143-215352430-2348080800-1000Core.job
[2012.09.22 22:39:19 | 227,204,259 | ---- | M] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852.mp4
[2012.09.22 22:27:18 | 086,777,100 | ---- | M] () -- C:\Users\Josh\Desktop\Dutch Adrenalin #4 Rasen ist in!.mp4
[2012.09.22 18:34:41 | 000,708,771 | ---- | M] () -- C:\Users\Josh\Desktop\000000.jpg
[2012.09.22 18:34:09 | 000,499,551 | ---- | M] () -- C:\Users\Josh\Desktop\533569912_d79f789132_b.jpg
[2012.09.22 17:22:05 | 000,248,101 | ---- | M] () -- C:\Users\Josh\Desktop\0002.jpg
[2012.09.22 17:21:39 | 000,213,136 | ---- | M] () -- C:\Users\Josh\Desktop\0001.jpg
[2012.09.22 17:20:31 | 003,431,645 | ---- | M] () -- C:\Users\Josh\Desktop\20120922_121219.jpg
[2012.09.22 17:20:18 | 003,135,444 | ---- | M] () -- C:\Users\Josh\Desktop\20120922_121155.jpg
[2012.09.22 16:53:21 | 000,335,287 | ---- | M] () -- C:\Users\Josh\Desktop\000.jpg
[2012.09.22 16:51:08 | 002,598,890 | ---- | M] () -- C:\Users\Josh\Desktop\20120922_142948.jpg
[2012.09.22 16:37:09 | 000,564,609 | ---- | M] () -- C:\Users\Josh\Desktop\20120922_143620.jpg
[2012.09.21 07:20:14 | 000,584,758 | ---- | M] () -- C:\Users\Josh\Desktop\3082699631_480282d02a_o.jpg
[2012.09.21 07:00:48 | 000,297,215 | ---- | M] () -- C:\Users\Josh\Desktop\3030144213_721be36d5f_o.jpg
[2012.09.21 06:57:16 | 000,657,711 | ---- | M] () -- C:\Users\Josh\Desktop\2725079873_4fc47eea28_o.jpg
[2012.09.21 06:56:48 | 001,337,930 | ---- | M] () -- C:\Users\Josh\Desktop\2950391048_1ef0787fc5_o.jpg
[2012.09.21 06:53:59 | 000,051,572 | ---- | M] () -- C:\Users\Josh\Desktop\3559892324_360fb9ca19_o.jpg
[2012.09.21 06:52:11 | 000,077,164 | ---- | M] () -- C:\Users\Josh\Desktop\4167694654_9ba3c44abf_o.jpg
[2012.09.20 23:23:09 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.20 23:23:09 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.09.20 21:02:28 | 000,028,282 | ---- | M] () -- C:\Users\Josh\Desktop\34208729.png
[2012.09.20 20:56:17 | 000,078,179 | ---- | M] () -- C:\Users\Josh\Desktop\Unbenannt-1.jpg
[2012.09.19 22:36:54 | 000,293,731 | ---- | M] () -- C:\Users\Josh\Desktop\CIMG4521_cri.jpg
[2012.09.19 22:36:33 | 000,242,982 | ---- | M] () -- C:\Users\Josh\Desktop\CIMG2564_cri.jpg
[2012.09.19 22:32:18 | 000,535,291 | ---- | M] () -- C:\Users\Josh\Desktop\CIMG6487_cri.jpg
[2012.09.19 22:31:45 | 000,938,129 | ---- | M] () -- C:\Users\Josh\Desktop\4376502058_452866012a_o.jpg
[2012.09.19 22:29:00 | 001,714,091 | ---- | M] () -- C:\Users\Josh\Desktop\CIMG2599_cri.jpg
[2012.09.19 22:15:41 | 000,075,371 | ---- | M] () -- C:\Users\Josh\Desktop\30781182_61092cdb49_o.jpg
[2012.09.19 21:25:41 | 000,016,225 | ---- | M] () -- C:\Users\Josh\Desktop\AnSpringer_19092012.odt
[2012.09.17 15:26:09 | 000,305,573 | ---- | M] () -- C:\Users\Josh\Desktop\476336_156536184485204_1827587436_o.jpg
[2012.09.16 15:06:19 | 000,315,380 | ---- | M] () -- C:\Users\Josh\Desktop\2012-09-16_00008.jpg
[2012.09.16 10:15:08 | 000,551,539 | ---- | M] () -- C:\Users\Josh\Desktop\Anlage05.jpg
[2012.09.16 10:14:53 | 000,420,265 | ---- | M] () -- C:\Users\Josh\Desktop\Anlage02.jpg
[2012.09.16 10:14:33 | 000,377,249 | ---- | M] () -- C:\Users\Josh\Desktop\Anlage04.jpg
[2012.09.16 10:14:17 | 000,412,341 | ---- | M] () -- C:\Users\Josh\Desktop\Anlage03.jpg
[2012.09.16 10:12:41 | 002,100,118 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_100005.jpg
[2012.09.16 10:12:37 | 001,920,736 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_100009.jpg
[2012.09.16 10:12:33 | 002,700,132 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_100055.jpg
[2012.09.16 10:12:27 | 002,614,073 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_100104.jpg
[2012.09.16 10:11:29 | 000,101,677 | ---- | M] () -- C:\Users\Josh\Desktop\anlage00.jpg
[2012.09.16 10:11:13 | 000,529,723 | ---- | M] () -- C:\Users\Josh\Desktop\Anlage01.jpg
[2012.09.16 10:10:15 | 002,531,088 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095910.jpg
[2012.09.16 10:10:11 | 002,367,683 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095939.jpg
[2012.09.16 10:10:06 | 002,388,299 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095944.jpg
[2012.09.16 10:10:00 | 002,479,143 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095949.jpg
[2012.09.16 10:07:33 | 002,942,388 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095838.jpg
[2012.09.16 10:07:28 | 003,104,837 | ---- | M] () -- C:\Users\Josh\Desktop\20120916_095847.jpg
[2012.09.13 21:14:17 | 000,099,573 | ---- | M] () -- C:\Users\Josh\Desktop\IMG-20120913-WA0007.jpg
[2012.09.09 08:56:09 | 000,013,282 | ---- | M] () -- C:\Users\Josh\.TransferManager.db
[2012.09.08 16:53:51 | 000,001,120 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2012.09.01 18:39:04 | 000,021,504 | ---- | M] () -- C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.01 18:12:43 | 000,084,752 | ---- | M] () -- C:\Users\Josh\Desktop\DSfix05.zip
[2012.09.01 17:47:54 | 000,789,156 | ---- | M] () -- C:\Users\Josh\Desktop\Unbenannt-2.jpg
[2012.08.28 17:04:53 | 001,445,546 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.28 17:04:53 | 000,628,742 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.28 17:04:53 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.28 17:04:53 | 000,126,486 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.28 17:04:53 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.23 11:37:37 | 000,087,040 | ---- | C] () -- C:\ProgramData\toieivqo.exe
[2012.09.23 11:35:33 | 000,076,350 | ---- | C] () -- C:\ProgramData\pxynlfilspfluac
[2012.09.23 11:35:31 | 000,087,040 | ---- | C] () -- C:\Users\Josh\0.9440952711130924.exe
[2012.09.23 11:35:22 | 191,899,648 | ---- | C] () -- C:\Users\Josh\Desktop\MF MartinQ Zolder 19 05 2012 Minder snel sessie 3.mp4.MPG
[2012.09.23 11:30:09 | 041,773,056 | ---- | C] () -- C:\Users\Josh\Desktop\Dutch Adrenalin # 3 Lalala.mp4.MPG
[2012.09.23 11:20:44 | 171,024,384 | ---- | C] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852.mp4.MPG
[2012.09.23 11:15:10 | 060,667,904 | ---- | C] () -- C:\Users\Josh\Desktop\Dutch Adrenalin #4 Rasen ist in!.mp4.MPG
[2012.09.23 11:15:04 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.09.23 11:13:23 | 000,001,923 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.09.23 11:13:23 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012.09.23 11:13:22 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012.09.23 11:12:57 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2012.09.23 11:12:57 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.09.23 11:12:57 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2012.09.23 11:12:56 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax
[2012.09.23 11:12:56 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2012.09.23 11:12:56 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2012.09.23 11:12:56 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2012.09.23 11:12:56 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2012.09.23 11:12:56 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2012.09.23 11:12:55 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2012.09.23 11:12:55 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2012.09.23 11:12:17 | 000,000,315 | ---- | C] () -- C:\user.js
[2012.09.23 10:55:55 | 000,000,219 | ---- | C] () -- C:\Users\Josh\Desktop\Search the Web.url
[2012.09.23 10:55:55 | 000,000,213 | ---- | C] () -- C:\Users\Josh\Desktop\SweetPcFix.url
[2012.09.23 10:55:20 | 000,161,904 | ---- | C] () -- C:\Users\Josh\Desktop\VLCVideoConverterSetup.exe
[2012.09.23 10:52:38 | 000,000,000 | ---- | C] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852_0.mov
[2012.09.23 10:45:21 | 001,127,320 | ---- | C] () -- C:\Users\Josh\Desktop\VideoConverterSetup.exe
[2012.09.22 22:57:04 | 240,001,155 | ---- | C] () -- C:\Users\Josh\Desktop\MF MartinQ Mettet 7 Juni 2012 Rookies sessie 2.no-conversion
[2012.09.22 22:57:00 | 394,383,841 | ---- | C] () -- C:\Users\Josh\Desktop\MF MartinQ Zolder 19 05 2012 Minder snel sessie 3.mp4
[2012.09.22 22:52:16 | 077,297,487 | ---- | C] () -- C:\Users\Josh\Desktop\Circuit Zolder 31-08-12 + 01-09-12 compilatie.no-conversion
[2012.09.22 22:52:12 | 088,029,377 | ---- | C] () -- C:\Users\Josh\Desktop\Dutch Adrenalin # 3 Lalala.mp4
[2012.09.22 22:37:12 | 227,204,259 | ---- | C] () -- C:\Users\Josh\Desktop\29-07-2012 Nürburgring Nordschleife Yamaha R1 0852.mp4
[2012.09.22 22:26:14 | 086,777,100 | ---- | C] () -- C:\Users\Josh\Desktop\Dutch Adrenalin #4 Rasen ist in!.mp4
[2012.09.22 18:34:41 | 000,708,771 | ---- | C] () -- C:\Users\Josh\Desktop\000000.jpg
[2012.09.22 18:34:09 | 000,499,551 | ---- | C] () -- C:\Users\Josh\Desktop\533569912_d79f789132_b.jpg
[2012.09.22 17:22:04 | 000,248,101 | ---- | C] () -- C:\Users\Josh\Desktop\0002.jpg
[2012.09.22 17:21:39 | 000,213,136 | ---- | C] () -- C:\Users\Josh\Desktop\0001.jpg
[2012.09.22 17:20:28 | 003,431,645 | ---- | C] () -- C:\Users\Josh\Desktop\20120922_121219.jpg
[2012.09.22 17:20:15 | 003,135,444 | ---- | C] () -- C:\Users\Josh\Desktop\20120922_121155.jpg
[2012.09.22 16:53:20 | 000,335,287 | ---- | C] () -- C:\Users\Josh\Desktop\000.jpg
[2012.09.22 16:51:10 | 002,598,890 | ---- | C] () -- C:\Users\Josh\Desktop\20120922_142948.jpg
[2012.09.22 16:35:09 | 000,564,609 | ---- | C] () -- C:\Users\Josh\Desktop\20120922_143620.jpg
[2012.09.21 07:20:13 | 000,584,758 | ---- | C] () -- C:\Users\Josh\Desktop\3082699631_480282d02a_o.jpg
[2012.09.21 06:57:16 | 000,657,711 | ---- | C] () -- C:\Users\Josh\Desktop\2725079873_4fc47eea28_o.jpg
[2012.09.21 06:56:48 | 001,337,930 | ---- | C] () -- C:\Users\Josh\Desktop\2950391048_1ef0787fc5_o.jpg
[2012.09.21 06:56:37 | 000,297,215 | ---- | C] () -- C:\Users\Josh\Desktop\3030144213_721be36d5f_o.jpg
[2012.09.21 06:53:59 | 000,051,572 | ---- | C] () -- C:\Users\Josh\Desktop\3559892324_360fb9ca19_o.jpg
[2012.09.21 06:52:11 | 000,077,164 | ---- | C] () -- C:\Users\Josh\Desktop\4167694654_9ba3c44abf_o.jpg
[2012.09.20 21:02:28 | 000,028,282 | ---- | C] () -- C:\Users\Josh\Desktop\34208729.png
[2012.09.20 20:56:15 | 000,078,179 | ---- | C] () -- C:\Users\Josh\Desktop\Unbenannt-1.jpg
[2012.09.19 22:32:17 | 000,535,291 | ---- | C] () -- C:\Users\Josh\Desktop\CIMG6487_cri.jpg
[2012.09.19 22:31:45 | 000,938,129 | ---- | C] () -- C:\Users\Josh\Desktop\4376502058_452866012a_o.jpg
[2012.09.19 22:29:00 | 001,714,091 | ---- | C] () -- C:\Users\Josh\Desktop\CIMG2599_cri.jpg
[2012.09.19 22:26:38 | 000,293,731 | ---- | C] () -- C:\Users\Josh\Desktop\CIMG4521_cri.jpg
[2012.09.19 22:17:01 | 000,242,982 | ---- | C] () -- C:\Users\Josh\Desktop\CIMG2564_cri.jpg
[2012.09.19 22:15:41 | 000,075,371 | ---- | C] () -- C:\Users\Josh\Desktop\30781182_61092cdb49_o.jpg
[2012.09.19 21:25:40 | 000,016,225 | ---- | C] () -- C:\Users\Josh\Desktop\AnSpringer_19092012.odt
[2012.09.17 14:18:01 | 000,305,573 | ---- | C] () -- C:\Users\Josh\Desktop\476336_156536184485204_1827587436_o.jpg
[2012.09.16 15:06:18 | 000,315,380 | ---- | C] () -- C:\Users\Josh\Desktop\2012-09-16_00008.jpg
[2012.09.16 10:15:07 | 000,551,539 | ---- | C] () -- C:\Users\Josh\Desktop\Anlage05.jpg
[2012.09.16 10:14:52 | 000,420,265 | ---- | C] () -- C:\Users\Josh\Desktop\Anlage02.jpg
[2012.09.16 10:14:33 | 000,377,249 | ---- | C] () -- C:\Users\Josh\Desktop\Anlage04.jpg
[2012.09.16 10:14:17 | 000,412,341 | ---- | C] () -- C:\Users\Josh\Desktop\Anlage03.jpg
[2012.09.16 10:12:37 | 002,100,118 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_100005.jpg
[2012.09.16 10:12:33 | 001,920,736 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_100009.jpg
[2012.09.16 10:12:27 | 002,700,132 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_100055.jpg
[2012.09.16 10:12:21 | 002,614,073 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_100104.jpg
[2012.09.16 10:11:28 | 000,101,677 | ---- | C] () -- C:\Users\Josh\Desktop\anlage00.jpg
[2012.09.16 10:11:13 | 000,529,723 | ---- | C] () -- C:\Users\Josh\Desktop\Anlage01.jpg
[2012.09.16 10:10:11 | 002,531,088 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095910.jpg
[2012.09.16 10:10:06 | 002,367,683 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095939.jpg
[2012.09.16 10:10:00 | 002,388,299 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095944.jpg
[2012.09.16 10:09:55 | 002,479,143 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095949.jpg
[2012.09.16 10:07:28 | 002,942,388 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095838.jpg
[2012.09.16 10:07:21 | 003,104,837 | ---- | C] () -- C:\Users\Josh\Desktop\20120916_095847.jpg
[2012.09.13 21:09:45 | 000,099,573 | ---- | C] () -- C:\Users\Josh\Desktop\IMG-20120913-WA0007.jpg
[2012.09.09 08:56:09 | 000,013,282 | ---- | C] () -- C:\Users\Josh\.TransferManager.db
[2012.09.07 19:42:51 | 000,001,356 | ---- | C] () -- C:\Users\Josh\AppData\Local\d3d9caps.dat
[2012.09.01 18:12:42 | 000,084,752 | ---- | C] () -- C:\Users\Josh\Desktop\DSfix05.zip
[2012.09.01 17:47:53 | 000,789,156 | ---- | C] () -- C:\Users\Josh\Desktop\Unbenannt-2.jpg
[2012.08.16 13:54:39 | 003,771,300 | ---- | C] () -- C:\Users\Josh\20120816_124716.jpg
[2012.04.12 10:08:42 | 000,005,339 | ---- | C] () -- C:\Users\Josh\checkFileList.lst
[2012.04.12 10:02:16 | 000,001,040 | ---- | C] () -- C:\Users\Josh\CCGM_P_C_Beta.exe.md5
[2012.04.12 09:44:19 | 1348,477,947 | ---- | C] () -- C:\Users\Josh\CCGM_P_C_Beta.exe
[2012.01.07 10:57:44 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012.01.07 10:57:44 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012.01.07 10:57:44 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.01.07 10:16:15 | 000,031,048 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.04 13:10:22 | 000,281,032 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.07.04 13:10:20 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.07.04 13:10:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.21 14:31:57 | 000,000,370 | ---- | C] () -- C:\Users\Josh\Dokumente.lnk
[2011.03.11 09:26:30 | 000,021,504 | ---- | C] () -- C:\Users\Josh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.14 19:51:37 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011.02.14 19:51:12 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011.02.14 19:50:50 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011.02.12 23:36:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.12 19:35:09 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011.02.12 16:58:25 | 000,000,732 | ---- | C] () -- C:\Users\Josh\AppData\Local\d3d9caps64.dat
========== ZeroAccess Check ==========
[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
--- --- ---
I hope that was done correctly. What happens next?
Quote:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.23.03
Windows Vista Service Pack 2 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Josh :: JOSH-PC [Administrator]
23.09.2012 16:12:45
mbam-log-2012-09-23 (16-12-45).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 197236
Laufzeit: 3 Minute(n),
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|toieivqokhvxirr (Trojan.Winlock) -> Daten: C:\ProgramData\toieivqo.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\ProgramData\toieivqo.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Here is the log from Malwarebytes as well!