Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Firefox sowie Internet Explorer starten nicht mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.03.2013, 22:20   #16
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



nein, sonst hätt ich das geschrieben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.03.2013, 22:29   #17
Jooe2
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



oke hier sind die neuen OLT loggs
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.03.2013 22:15:36 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,96 Gb Total Physical Memory | 14,24 Gb Available Physical Memory | 89,23% Memory free
31,92 Gb Paging File | 30,04 Gb Available in Paging File | 94,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,83 Gb Total Space | 29,44 Gb Free Space | 19,78% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
PRC - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\SysWOW64\ASDR.exe ()
PRC - C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\GamerOSD\ImageTransform.dll ()
MOD - C:\Program Files (x86)\ASUS\GamerOSD\AudioOnVistaDLL.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ASDR) -- C:\Windows\SysWOW64\ASDR.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.)
DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (mvs91xx) -- C:\Windows\SysNative\drivers\mvs91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Users\Johannes\Desktop\Programme\Real Temp\WinRing0x64.sys (OpenLibSys.org)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D 33 7D 7C B7 BA CD 01  [binary data]
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{1C556991-94AD-44e8-ADF6-0448D784C024}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{7E54566A-08E5-4d90-A488-A59839D306D2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{D063C8A7-A367-4420-864F-AA5FA4F547EB}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.02.04 17:33:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.03 18:02:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.02.04 17:33:00 | 000,000,000 | ---D | M]
 
[2012.11.04 19:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions
[2013.03.03 18:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\vpxo1osk.default\extensions
[2013.03.03 18:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 05:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 05:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 05:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 05:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 05:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 05:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - Extension: Angry Birds = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-Suche = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Cut the Rope = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: Plants vs Zombies = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Mail = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.03.03 20:33:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B63CD16F-1B95-45EF-AFF9-5AAAA49E1DA1}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.04 21:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.03.04 21:26:01 | 009,565,552 | ---- | C] (SurfRight B.V.) -- C:\Users\Johannes\Desktop\HitmanPro_x64.exe
[2013.03.04 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.03.04 20:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.04 17:19:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.03 20:29:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.03 20:29:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.03 20:29:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.03 20:29:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.03 20:29:21 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.03 19:41:14 | 005,036,301 | R--- | C] (Swearware) -- C:\Users\Johannes\Desktop\ComboFix.exe
[2013.03.03 18:44:46 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Johannes\Desktop\tdsskiller.exe
[2013.03.03 18:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.03.03 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.03 17:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.03 17:51:18 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Google
[2013.03.01 00:39:45 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.03.01 00:39:44 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.03.01 00:39:41 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.01 00:39:41 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.01 00:39:41 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.01 00:39:41 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.01 00:39:41 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.01 00:39:41 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.01 00:39:41 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.01 00:39:41 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.01 00:39:39 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.01 00:39:39 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.01 00:39:39 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.01 00:39:39 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.01 00:39:39 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.01 00:39:39 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.01 00:39:39 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.01 00:39:39 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.01 00:39:39 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.01 00:39:32 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.01 00:39:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.01 00:11:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013.02.28 22:49:54 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\backups
[2013.02.28 22:30:24 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Johannes\Desktop\HiJackThis204.exe
[2013.02.28 01:24:54 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.28 01:24:54 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.28 01:24:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.28 01:24:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.28 01:24:45 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.28 01:24:45 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.28 01:24:42 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.28 01:24:42 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.28 01:24:42 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.28 01:24:42 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.28 01:24:42 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.28 01:24:42 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.28 01:24:42 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.28 01:24:42 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.28 01:24:42 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.28 01:24:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.28 01:24:42 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.28 01:24:42 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.28 01:24:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.28 01:24:42 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.28 01:24:42 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.28 01:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 01:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 01:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 01:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 01:24:41 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.28 01:24:41 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 19:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.25 13:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013.02.25 13:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2013.02.13 23:35:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 23:35:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 23:35:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 23:35:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 23:35:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 23:35:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 23:35:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 23:35:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 23:35:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 23:35:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 23:35:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 23:35:50 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 23:35:49 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 23:35:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 23:35:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 23:26:52 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 23:26:51 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 23:26:50 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 23:26:41 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 23:26:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 23:26:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 23:26:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 23:26:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 23:26:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 23:26:36 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.10 02:34:28 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Documents\ANNO 2070
[2013.02.09 23:36:49 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Ubisoft
[2013.02.09 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Application Data
[2013.02.09 18:43:52 | 000,555,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.09 18:39:35 | 016,473,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.02.07 23:29:32 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\iFunbox_UserCache
[2013.02.07 16:01:56 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\libimobiledevice
[2013.02.05 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Apple Computer
[2013.02.05 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Apple Computer
[2013.02.05 22:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.05 22:43:19 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.02.05 22:43:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.05 22:39:28 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Apple
[2013.02.05 22:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.02.05 22:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.02.05 22:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.05 22:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.02.05 22:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.02.05 18:39:30 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Documents\Diablo III
[2013.02.05 18:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.05 18:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.02.05 18:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2013.02.04 18:03:25 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013.02.04 17:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013.02.04 17:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013.02.04 17:32:47 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013.02.04 17:32:47 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2013.02.04 17:32:47 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013.02.04 17:32:45 | 000,707,528 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013.02.04 17:32:45 | 000,589,000 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.02.04 17:32:45 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013.02.04 17:25:44 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Bitdefender
[2013.02.04 17:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.02.04 17:24:48 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\QuickScan
[2013.02.04 17:23:05 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013.02.04 17:23:05 | 000,145,696 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013.02.04 17:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013.02.04 17:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013.02.04 17:08:02 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Keseling
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.04 22:14:45 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.04 22:14:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.04 22:14:11 | 4265,168,894 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.04 21:56:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.04 21:51:49 | 000,000,921 | ---- | M] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.rar
[2013.03.04 21:49:51 | 000,004,346 | ---- | M] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.xml
[2013.03.04 21:42:37 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 21:42:37 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 21:26:18 | 009,565,552 | ---- | M] (SurfRight B.V.) -- C:\Users\Johannes\Desktop\HitmanPro_x64.exe
[2013.03.04 20:58:29 | 000,594,019 | ---- | M] () -- C:\Users\Johannes\Desktop\adwcleaner.exe
[2013.03.04 20:26:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.03 20:33:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.03 19:41:40 | 005,036,301 | R--- | M] (Swearware) -- C:\Users\Johannes\Desktop\ComboFix.exe
[2013.03.03 18:44:49 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Johannes\Desktop\tdsskiller.exe
[2013.03.03 18:02:32 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.03 17:52:31 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.03 15:36:30 | 001,619,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.03 15:36:30 | 000,699,092 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.03 15:36:30 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.03 15:36:30 | 000,149,232 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.03 15:36:30 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.03 15:22:29 | 000,042,592 | ---- | M] () -- C:\Users\Johannes\Desktop\OLT-Extras-Gmer.rar
[2013.03.03 14:40:11 | 000,377,856 | ---- | M] () -- C:\Users\Johannes\Desktop\gmer_2.1.19115.exe
[2013.03.03 14:39:05 | 000,000,168 | ---- | M] () -- C:\Users\Johannes\defogger_reenable
[2013.03.03 14:36:05 | 000,050,477 | ---- | M] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013.03.01 00:11:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013.02.28 22:36:55 | 000,000,638 | -H-- | M] () -- C:\bdr-cf01
[2013.02.28 22:30:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Johannes\Desktop\HiJackThis204.exe
[2013.02.28 22:07:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.02.28 22:07:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.02.27 18:39:32 | 016,473,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.02.26 14:12:47 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.02.25 13:48:15 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013.02.24 20:59:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.02.21 23:29:07 | 000,033,051 | ---- | M] () -- C:\Users\Johannes\Desktop\Sammelzeugnis_1103173_de.pdf
[2013.02.17 17:26:54 | 002,198,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.10 04:25:27 | 026,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.02.10 04:25:27 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.02.10 04:25:27 | 020,534,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.02.10 04:25:27 | 017,987,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.02.10 04:25:27 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.02.10 04:25:27 | 015,275,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.02.10 04:25:27 | 015,038,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.02.10 04:25:27 | 012,862,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.02.10 04:25:27 | 009,422,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.02.10 04:25:27 | 007,964,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.02.10 04:25:27 | 007,569,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.02.10 04:25:27 | 006,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.02.10 04:25:27 | 002,911,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.02.10 04:25:27 | 002,854,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.02.10 04:25:27 | 002,726,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.02.10 04:25:27 | 002,528,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.02.10 04:25:27 | 002,350,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,990,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.02.10 04:25:27 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.02.10 04:25:27 | 001,114,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.02.10 04:25:27 | 000,963,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.02.10 04:25:27 | 000,250,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.02.10 04:25:27 | 000,205,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.02.10 04:25:27 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.10 02:04:31 | 006,393,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.02.10 02:04:31 | 003,472,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.02.10 02:04:29 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.02.10 02:04:29 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.02.10 02:04:29 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.02.09 18:43:52 | 000,555,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.09 14:25:36 | 003,035,306 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.02.05 18:37:27 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.05 18:18:47 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2013.02.05 17:58:18 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013.02.04 18:03:25 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013.02.04 18:03:24 | 000,350,160 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013.02.04 18:03:23 | 000,145,696 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013.02.04 17:54:39 | 001,592,096 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.04 17:33:19 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.02.04 17:33:19 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.02.04 17:33:08 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013.02.04 17:33:08 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.02.04 17:33:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
 
========== Files Created - No Company Name ==========
 
[2013.03.04 21:51:49 | 000,000,921 | ---- | C] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.rar
[2013.03.04 21:49:51 | 000,004,346 | ---- | C] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.xml
[2013.03.04 20:58:29 | 000,594,019 | ---- | C] () -- C:\Users\Johannes\Desktop\adwcleaner.exe
[2013.03.04 20:26:33 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.03 20:29:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.03 20:29:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.03 20:29:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.03 20:29:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.03 20:29:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.03 18:02:32 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.03 18:02:32 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.03 17:52:31 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.03 17:51:22 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.03 17:51:21 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.03 15:22:29 | 000,042,592 | ---- | C] () -- C:\Users\Johannes\Desktop\OLT-Extras-Gmer.rar
[2013.03.03 14:40:11 | 000,377,856 | ---- | C] () -- C:\Users\Johannes\Desktop\gmer_2.1.19115.exe
[2013.03.03 14:39:05 | 000,000,168 | ---- | C] () -- C:\Users\Johannes\defogger_reenable
[2013.03.03 14:36:05 | 000,050,477 | ---- | C] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013.03.01 00:39:41 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.25 13:48:15 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2013.02.21 23:29:06 | 000,033,051 | ---- | C] () -- C:\Users\Johannes\Desktop\Sammelzeugnis_1103173_de.pdf
[2013.02.05 22:39:27 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.02.05 18:02:38 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2013.02.05 17:58:18 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013.02.04 17:33:19 | 000,000,638 | -H-- | C] () -- C:\bdr-cf01
[2013.02.04 17:33:08 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013.02.04 17:33:08 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk
[2013.02.04 17:33:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013.02.04 17:25:43 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013.02.04 17:25:43 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.02.04 17:25:42 | 037,133,532 | -H-- | C] () -- C:\bdr-im01.gz
[2013.02.04 17:25:42 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.01.04 02:40:22 | 001,592,096 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.06 23:07:35 | 000,007,597 | ---- | C] () -- C:\Users\Johannes\AppData\Local\Resmon.ResmonCfg
[2012.11.04 22:58:57 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.04 22:58:56 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.04 20:11:38 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.11.04 20:11:38 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
[2012.11.04 19:03:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.02 17:18:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.02 17:18:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.01.29 20:15:55 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\AVG2013
[2013.02.04 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Bitdefender
[2013.03.04 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\BitTorrent
[2013.03.04 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
[2013.02.08 00:29:34 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\iFunbox_UserCache
[2013.02.04 17:08:02 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Keseling
[2012.12.19 18:18:13 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Origin
[2013.02.04 17:24:48 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\QuickScan
[2012.12.24 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Splashtop
[2012.11.20 21:57:49 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Theta
[2013.01.29 20:13:54 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\TuneUp Software
[2013.02.09 23:36:49 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Ubisoft
[2012.11.29 18:16:54 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.03.2013 22:15:36 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,96 Gb Total Physical Memory | 14,24 Gb Available Physical Memory | 89,23% Memory free
31,92 Gb Paging File | 30,04 Gb Available in Paging File | 94,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,83 Gb Total Space | 29,44 Gb Free Space | 19,78% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34F50917-87D7-4042-BEDA-6BB51DE4924B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{38D5D104-D797-46B6-B936-9C1E7FBCB926}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4F70A338-54AC-4CAD-B6B0-0B5B2430CDE2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{5761CD98-8703-476E-B71B-CD0B67D0D778}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{68F08078-B800-4850-9AC8-5CE7611B4839}" = rport=445 | protocol=6 | dir=out | app=system | 
"{74257A4C-9A99-404E-9569-E79DF333DAE2}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7D374CE5-2744-4A7B-B299-DA203504E11C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8C31B5A6-9064-4105-8D37-2CF16727A05D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8DAFEF86-EDC1-40EB-A21A-F763A4601EEE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9E6ECB65-DA41-43B5-98DF-577079D06BB3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A16ECB28-23DF-4072-AE23-627CBC773D4E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A4ADFB83-3E73-4D17-8E50-738706493361}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AB4EEDAC-13A8-4C33-9953-B6F2DA2755EB}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B8508D63-6E71-4137-908D-C39B8E7AADAA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BCAB5807-CA41-407D-B6C9-9038946D4B8C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BF9A92E3-8DA7-465B-8D91-F958E19CC40D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C55AA820-DCAA-462C-9526-B79C0BD93C89}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C7C9468A-004C-444C-B987-E053FAB466C4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CA8A755C-FECD-4BE8-B441-570438E72669}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CB269003-9ACC-47D2-A5C9-77294D3805F5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E9BC175A-9E1F-4BEF-A0D9-F1427051857D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EFE32085-4C6B-48C6-9009-52D44C59B235}" = lport=138 | protocol=17 | dir=in | app=system | 
"{FD693E86-478B-4D40-BE07-C59E374DEE76}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E82FD5-3636-4BF4-871B-6637A7E62AD8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0801C6A6-DB7D-4BAB-B62E-D6A861751A42}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | 
"{0E662274-48A4-4668-B25C-430319D008CD}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{12769BA4-A7FC-4989-B42C-A70B30D9FFDC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1B045E30-1369-4C4B-9186-F23D2536ED50}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1BE6685B-19B7-45DB-BA04-93879CD78656}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{204195E0-5359-4C78-AE3C-3B060347F56D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | 
"{20B20189-D9C9-4742-BC23-1953020FA071}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{22963D1F-4D68-4F03-A7F1-396BFC60FD69}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{28F413A1-C4B2-4718-929A-10412343857D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{293BE458-6C31-477B-91B0-3F0BE24235D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D360E87-EF88-4B1A-9827-309527F66EAD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | 
"{2DBCAA9D-FF97-4382-8552-74954AD09561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{316EDA11-842A-47CC-A299-BAB723F916B8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{37DA8C28-7B0E-432C-82B8-3B2E5A9BDE3B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{384DC4B7-1638-470E-BFA3-ABCD8FFABC3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{3D847D0F-3EC2-4AA5-859A-B571251E2C2F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{3EF37C3A-5057-4B9C-9757-1231B938D4D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4127C684-4911-4265-A797-B346A66B46D7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{490A1DBE-C94E-460D-8DF1-B446089E74CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{498C716F-FF40-449C-AB31-8F5E557084D6}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{5499FB21-DAAB-4FD4-8C1D-C1106F6D6F09}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6AC99067-B258-4E2D-91DB-FAA0208F6E0B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{6C518995-F109-4A70-81CD-862DC7BC175A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6D080152-A7AB-4854-900B-501FDE5B4D59}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | 
"{774F03BC-C263-4037-922B-72EB1CF7738A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7BC69057-CC83-47F7-A1D2-6D7CCB161AE2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{80DB6586-B93E-4A9D-B14A-4EA279D9C1F4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | 
"{8198E5AB-FF0B-479B-AD69-E36835EB3F9E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{8378624C-BF26-46B0-B02A-5E0F45620E77}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{8B1995E9-1270-41C9-AADC-5B3DF36A96BE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{8B7144CF-1560-44D1-98F5-D94E18F73622}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A67914F6-4BBA-44BC-B410-329F2AEFAD7C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A68DF9BA-5913-4343-A1FE-9BAF40FCEB1D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A6C8C7C7-B5E0-4D35-B833-355DBEA17448}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A7FDB637-EF50-44EE-B50E-F187565DF28B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | 
"{A8CA022C-1DD1-4839-B9C7-997683E84AA1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{AFE8CA8E-3502-44CD-B8E9-AFF32C192BAD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | 
"{B9ADA1FA-E05B-4240-9F47-40E240E7DA61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{BAC826F5-8D94-4DC4-A08A-8B634CEBBB01}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C3A2DDA2-07B0-4BC1-B144-FCEC0A2E99DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{CA27A659-A9B5-44D9-BA82-67CCFBEF4C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D7F2D3A8-F866-476B-8DE4-20F566F275F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D97BFB44-E3CD-4389-83D5-ABE7BD0E854E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{DD00871F-B325-4810-8712-3F06FD6395EF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{E34ECA4B-F84F-4A14-B9D9-1161428539FB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{E5E26530-DD09-4ECB-9717-1C1DE2282473}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E76F5DA5-95F0-497C-AED0-AC590BA579D7}" = protocol=6 | dir=out | app=system | 
"{EB445735-AA23-496C-9DFD-640D73F66D6D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{F32AF64D-63E9-45C6-BEE9-682DCC573C1C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{F9C8F916-A2D0-4ADD-8518-C4DECF6E404A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FAD2AD25-B48F-48A2-9DD7-02BF9F220E45}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | 
"{FDD0C4CD-9BC8-4921-ABF2-33F8908F3565}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{FE6E6E12-63DF-4FE2-80F9-3E7640A50C1A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{10D0D07B-20F3-4B5D-AF20-B6DA172A309A}C:\users\johannes\desktop\aoe2\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\aoe2\age2_x1.exe | 
"TCP Query User{13DF9A58-5D23-45D0-AD91-A85DCFABA90E}E:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=e:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe | 
"TCP Query User{16FC6550-8194-4275-97CE-52D7C5900995}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"TCP Query User{6E958BAC-3710-4669-AAE1-98110B1B9641}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe | 
"TCP Query User{74FE029C-FB6D-4D31-8376-659E55814BAD}C:\program files (x86)\innonics\wiggles\wiggles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\innonics\wiggles\wiggles.exe | 
"TCP Query User{864DC078-BD31-4273-935C-1CB2754B62ED}C:\users\johannes\desktop\aoe2\empires2.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\aoe2\empires2.exe | 
"TCP Query User{DF6E1FD5-C31A-4349-A8FB-3503B830CBAF}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{02B4CB83-E7B6-4E0C-BC53-07B952BDF025}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{2FCEA2B6-906D-4EF9-AA34-D7B41F8E43D5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{3BD114C1-5C87-4D8B-B892-A68B1F168019}C:\users\johannes\desktop\aoe2\empires2.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\aoe2\empires2.exe | 
"UDP Query User{49AA2B9B-6E6F-41C2-9E5E-ED057A379954}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe | 
"UDP Query User{5621ABDB-DE4C-42C5-BC05-A7D2E082524D}E:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=e:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe | 
"UDP Query User{93FA6E01-D39E-415A-B05E-72D6375B3C83}C:\users\johannes\desktop\aoe2\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\aoe2\age2_x1.exe | 
"UDP Query User{ED8569A7-730B-4528-AA14-A3051C3BDEE1}C:\program files (x86)\innonics\wiggles\wiggles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\innonics\wiggles\wiggles.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"Bitdefender" = Bitdefender Internet Security 2013
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{287EAC0F-6C96-4712-97A6-958510872CBB}" = Utility
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F9121-5599-47F9-9F82-9FEA0F03C47F}" = 3DPower B12.0215.1
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 550" = Left 4 Dead 2
"Uplay" = Uplay
"Wiggles" = Wiggles
"xvid" = XviD MPEG-4 Video Codec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.02.2013 18:10:59 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x076c03b8  ID des fehlerhaften
 Prozesses: 0x16b8  Startzeit der fehlerhaften Anwendung: 0x01ce16007cec7a01  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: baa85703-81f3-11e2-8c01-902b34382990
 
Error - 28.02.2013 18:11:00 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x073c7c00  ID des fehlerhaften
 Prozesses: 0x174c  Startzeit der fehlerhaften Anwendung: 0x01ce16007da608b8  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: bb620ccb-81f3-11e2-8c01-902b34382990
 
Error - 28.02.2013 19:45:56 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.1407,
 Zeitstempel: 0x5116e918  Name des fehlerhaften Moduls: nvtray.exe, Version: 7.17.13.1407,
 Zeitstempel: 0x5116e918  Ausnahmecode: 0x40000015  Fehleroffset: 0x0000000000154f89
ID
 des fehlerhaften Prozesses: 0xb24  Startzeit der fehlerhaften Anwendung: 0x01ce160dac78f601
Pfad
 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Berichtskennung:
 fe719148-8200-11e2-8c01-902b34382990
 
Error - 28.02.2013 20:01:09 | Computer Name = Johannes-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 19.0.0.4794 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 174c    Startzeit:
 01ce160f9f24ae69    Endzeit: 4    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 0e3aef2b-8203-11e2-8c01-902b34382990  
 
Error - 03.03.2013 10:08:01 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x004513f0  ID des fehlerhaften
 Prozesses: 0x1268  Startzeit der fehlerhaften Anwendung: 0x01ce1818804bc3fe  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c20fac57-840b-11e2-9d18-902b34382990
 
Error - 03.03.2013 10:08:04 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00442fb8  ID des fehlerhaften
 Prozesses: 0x1334  Startzeit der fehlerhaften Anwendung: 0x01ce181885bc48fe  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c3797d80-840b-11e2-9d18-902b34382990
 
Error - 03.03.2013 10:08:06 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x07343e28  ID des fehlerhaften
 Prozesses: 0xd98  Startzeit der fehlerhaften Anwendung: 0x01ce181886af155a  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c4c45cc6-840b-11e2-9d18-902b34382990
 
Error - 04.03.2013 16:05:40 | Computer Name = Johannes-PC | Source = Application Hang | ID = 1002
Description = Programm wseC92C.tmp, Version 1.0.0.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1524    Startzeit:
 01ce19136476668c    Endzeit: 0    Anwendungspfad: C:\Users\Johannes\AppData\Local\Temp\wseC92C.tmp

Berichts-ID:
 dfd7cd64-8506-11e2-ac40-902b34382990  
 
Error - 04.03.2013 16:50:15 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00a635b0  ID des fehlerhaften
 Prozesses: 0x87c  Startzeit der fehlerhaften Anwendung: 0x01ce1919de9d6585  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 1d29b1bf-850d-11e2-8671-902b34382990
 
Error - 04.03.2013 16:50:17 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x09ca0fe8  ID des fehlerhaften
 Prozesses: 0x40c  Startzeit der fehlerhaften Anwendung: 0x01ce1919e0b4fb23  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 1e7e1687-850d-11e2-8671-902b34382990
 
[ Media Center Events ]
Error - 03.01.2013 13:23:12 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:23:12 - Fehler beim Herstellen der Internetverbindung.  18:23:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 13:24:04 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:23:59 - Fehler beim Herstellen der Internetverbindung.  18:23:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 15:01:04 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 20:01:04 - Fehler beim Herstellen der Internetverbindung.  20:01:04 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 15:01:59 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 20:01:52 - Fehler beim Herstellen der Internetverbindung.  20:01:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:46:47 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:46:47 - Fehler beim Herstellen der Internetverbindung.  18:46:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:47:36 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:47:36 - Fehler beim Herstellen der Internetverbindung.  18:47:36 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:47:40 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:47:34 - Fehler beim Herstellen der Internetverbindung.  18:47:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:48:25 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:48:24 - Fehler beim Herstellen der Internetverbindung.  18:48:24 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.01.2013 14:07:27 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 19:07:27 - Fehler beim Herstellen der Internetverbindung.  19:07:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.01.2013 14:08:19 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 19:08:14 - Fehler beim Herstellen der Internetverbindung.  19:08:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 03.03.2013 10:07:16 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 10:43:12 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 11:14:28 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 12:54:21 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 13:22:13 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 13:58:18 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 15:31:20 | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 03.03.2013 15:32:57 | Computer Name = Johannes-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 03.03.2013 15:33:30 | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 03.03.2013 18:26:36 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
--- --- ---
__________________


Alt 04.03.2013, 22:34   #18
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



Hi,


otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
ATTFilter
:OTL
:files
:Commands
[emptytemp]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


bitte teste, ob es im Firefox, internet explorer, und sonstigen
evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt.
Teste wie pc und programme allgemein laufen.
__________________
__________________

Alt 04.03.2013, 22:44   #19
Jooe2
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



oke also eigendlich läuft der pc ganz rund jedoch funktioniert firefox und der internet explorer noch immer nicht(stürzen immer beim start ab)

Code:
ATTFilter
All processes killed
========== OTL ==========
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Johannes
->Temp folder emptied: 87134 bytes
->Temporary Internet Files folder emptied: 690354 bytes
->FireFox cache emptied: 75995259 bytes
->Google Chrome cache emptied: 96454261 bytes
->Flash cache emptied: 531 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 165,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 03042013_223614

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

Alt 05.03.2013, 19:43   #20
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



hi test fehlt noch

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.03.2013, 18:51   #21
Jooe2
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 06.03.2013 18:38:12 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,96 Gb Total Physical Memory | 14,18 Gb Available Physical Memory | 88,81% Memory free
31,92 Gb Paging File | 29,98 Gb Available in Paging File | 93,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,83 Gb Total Space | 29,05 Gb Free Space | 19,52% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
PRC - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
PRC - C:\Windows\SysWOW64\ASDR.exe ()
PRC - C:\Program Files (x86)\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\GamerOSD\ImageTransform.dll ()
MOD - C:\Program Files (x86)\ASUS\GamerOSD\AudioOnVistaDLL.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\VOV32.dll ()
MOD - C:\Program Files (x86)\ASUS\SmartDoctor\aticlocklib.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (ASDR) -- C:\Windows\SysWOW64\ASDR.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.)
DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (mvs91xx) -- C:\Windows\SysNative\drivers\mvs91xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (IOMap) -- C:\Windows\SysNative\drivers\IOMap64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Users\Johannes\Desktop\Programme\Real Temp\WinRing0x64.sys (OpenLibSys.org)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D 33 7D 7C B7 BA CD 01  [binary data]
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes,DefaultScope = {1C556991-94AD-44e8-ADF6-0448D784C024}
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{1C556991-94AD-44e8-ADF6-0448D784C024}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{7E54566A-08E5-4d90-A488-A59839D306D2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\..\SearchScopes\{D063C8A7-A367-4420-864F-AA5FA4F547EB}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3708035738-3043084122-722666103-1003\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.02.04 17:33:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.03 18:02:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.02.04 17:33:00 | 000,000,000 | ---D | M]
 
[2012.11.04 19:20:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions
[2013.03.03 18:32:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\vpxo1osk.default\extensions
[2013.03.03 18:02:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 05:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 05:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 05:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 05:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 05:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 05:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - Extension: Angry Birds = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google-Suche = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Cut the Rope = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\
CHR - Extension: Plants vs Zombies = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Mail = C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.03.03 20:33:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-3708035738-3043084122-722666103-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3708035738-3043084122-722666103-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3708035738-3043084122-722666103-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider.dll (Bitdefender)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bitdefender\Bitdefender 2013\BdProvider32\BdProvider.dll (Bitdefender)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B63CD16F-1B95-45EF-AFF9-5AAAA49E1DA1}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.04 22:36:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.03.04 21:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.03.04 21:26:01 | 009,565,552 | ---- | C] (SurfRight B.V.) -- C:\Users\Johannes\Desktop\HitmanPro_x64.exe
[2013.03.04 20:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.03.04 20:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.03.04 17:19:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.03 20:29:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.03 20:29:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.03 20:29:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.03 20:29:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.03 20:29:21 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.03 19:41:14 | 005,036,301 | R--- | C] (Swearware) -- C:\Users\Johannes\Desktop\ComboFix.exe
[2013.03.03 18:44:46 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Johannes\Desktop\tdsskiller.exe
[2013.03.03 18:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.03.03 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.03 17:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.03 17:51:18 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Google
[2013.03.01 00:39:45 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.03.01 00:39:44 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.03.01 00:39:41 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.03.01 00:39:41 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.01 00:39:41 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.01 00:39:41 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.01 00:39:41 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.01 00:39:41 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.01 00:39:41 | 000,250,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.03.01 00:39:41 | 000,205,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.03.01 00:39:39 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.01 00:39:39 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.01 00:39:39 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.01 00:39:39 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.01 00:39:39 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.01 00:39:39 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.01 00:39:39 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.01 00:39:39 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.01 00:39:39 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.01 00:39:32 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.01 00:39:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.01 00:11:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013.02.28 22:49:54 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\backups
[2013.02.28 22:30:24 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Johannes\Desktop\HiJackThis204.exe
[2013.02.28 01:24:54 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.02.28 01:24:54 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.02.28 01:24:54 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.02.28 01:24:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.02.28 01:24:45 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.02.28 01:24:45 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.02.28 01:24:42 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.02.28 01:24:42 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.02.28 01:24:42 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.02.28 01:24:42 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.02.28 01:24:42 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.02.28 01:24:42 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.02.28 01:24:42 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.02.28 01:24:42 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.02.28 01:24:42 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.02.28 01:24:42 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.02.28 01:24:42 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.02.28 01:24:42 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.02.28 01:24:42 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.02.28 01:24:42 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.02.28 01:24:42 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.02.28 01:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 01:24:42 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 01:24:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.02.28 01:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 01:24:42 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.02.28 01:24:41 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.02.28 01:24:41 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.02.27 19:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.25 13:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013.02.25 13:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2013.02.13 23:35:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 23:35:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 23:35:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 23:35:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 23:35:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 23:35:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 23:35:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 23:35:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 23:35:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 23:35:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 23:35:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 23:35:50 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 23:35:49 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 23:35:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 23:35:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 23:26:52 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 23:26:51 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 23:26:50 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 23:26:41 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 23:26:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 23:26:40 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 23:26:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 23:26:40 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 23:26:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 23:26:36 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.10 02:34:28 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Documents\ANNO 2070
[2013.02.09 23:36:49 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Ubisoft
[2013.02.09 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Application Data
[2013.02.09 18:43:52 | 000,555,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.09 18:39:35 | 016,473,456 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.02.07 23:29:32 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\iFunbox_UserCache
[2013.02.07 16:01:56 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\libimobiledevice
[2013.02.05 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Apple Computer
[2013.02.05 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Apple Computer
[2013.02.05 22:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.05 22:43:19 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.02.05 22:43:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.02.05 22:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.05 22:39:28 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Local\Apple
[2013.02.05 22:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.02.05 22:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.02.05 22:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.05 22:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.02.05 22:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.02.05 18:39:30 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Documents\Diablo III
[2013.02.05 18:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.05 18:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2013.02.05 18:02:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2013.02.05 18:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.06 18:36:12 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.06 18:35:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.06 18:35:27 | 4265,168,894 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.04 23:56:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.04 22:44:54 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 22:44:54 | 000,019,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.04 21:51:49 | 000,000,921 | ---- | M] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.rar
[2013.03.04 21:49:51 | 000,004,346 | ---- | M] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.xml
[2013.03.04 21:26:18 | 009,565,552 | ---- | M] (SurfRight B.V.) -- C:\Users\Johannes\Desktop\HitmanPro_x64.exe
[2013.03.04 20:58:29 | 000,594,019 | ---- | M] () -- C:\Users\Johannes\Desktop\adwcleaner.exe
[2013.03.04 20:26:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.03 20:33:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.03 19:41:40 | 005,036,301 | R--- | M] (Swearware) -- C:\Users\Johannes\Desktop\ComboFix.exe
[2013.03.03 18:44:49 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Johannes\Desktop\tdsskiller.exe
[2013.03.03 18:02:32 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.03 17:52:31 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.03 15:36:30 | 001,619,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.03 15:36:30 | 000,699,092 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.03 15:36:30 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.03 15:36:30 | 000,149,232 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.03 15:36:30 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.03 15:22:29 | 000,042,592 | ---- | M] () -- C:\Users\Johannes\Desktop\OLT-Extras-Gmer.rar
[2013.03.03 14:40:11 | 000,377,856 | ---- | M] () -- C:\Users\Johannes\Desktop\gmer_2.1.19115.exe
[2013.03.03 14:39:05 | 000,000,168 | ---- | M] () -- C:\Users\Johannes\defogger_reenable
[2013.03.03 14:36:05 | 000,050,477 | ---- | M] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013.03.01 00:11:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2013.02.28 22:36:55 | 000,000,638 | -H-- | M] () -- C:\bdr-cf01
[2013.02.28 22:30:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Johannes\Desktop\HiJackThis204.exe
[2013.02.28 22:07:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.02.28 22:07:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.02.27 18:39:32 | 016,473,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013.02.26 14:12:47 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.02.25 13:48:15 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013.02.24 20:59:31 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.02.21 23:29:07 | 000,033,051 | ---- | M] () -- C:\Users\Johannes\Desktop\Sammelzeugnis_1103173_de.pdf
[2013.02.17 17:26:54 | 002,198,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.10 04:25:27 | 026,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.02.10 04:25:27 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.02.10 04:25:27 | 020,534,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.02.10 04:25:27 | 017,987,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.02.10 04:25:27 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.02.10 04:25:27 | 015,275,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013.02.10 04:25:27 | 015,038,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.02.10 04:25:27 | 012,862,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.02.10 04:25:27 | 009,422,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.02.10 04:25:27 | 007,964,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.02.10 04:25:27 | 007,569,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.02.10 04:25:27 | 006,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.02.10 04:25:27 | 002,911,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.02.10 04:25:27 | 002,854,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013.02.10 04:25:27 | 002,726,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.02.10 04:25:27 | 002,528,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.02.10 04:25:27 | 002,350,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,990,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.02.10 04:25:27 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.02.10 04:25:27 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.02.10 04:25:27 | 001,114,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2013.02.10 04:25:27 | 000,963,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.02.10 04:25:27 | 000,250,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.02.10 04:25:27 | 000,205,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.02.10 04:25:27 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.10 02:04:31 | 006,393,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2013.02.10 02:04:31 | 003,472,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2013.02.10 02:04:29 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2013.02.10 02:04:29 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2013.02.10 02:04:29 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2013.02.09 18:43:52 | 000,555,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2013.02.09 14:25:36 | 003,035,306 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.02.05 18:37:27 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.05 18:18:47 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2013.02.05 17:58:18 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
 
========== Files Created - No Company Name ==========
 
[2013.03.04 21:51:49 | 000,000,921 | ---- | C] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.rar
[2013.03.04 21:49:51 | 000,004,346 | ---- | C] () -- C:\Users\Johannes\Desktop\HitmanPro_20130304_2149.xml
[2013.03.04 20:58:29 | 000,594,019 | ---- | C] () -- C:\Users\Johannes\Desktop\adwcleaner.exe
[2013.03.04 20:26:33 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.03 20:29:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.03 20:29:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.03 20:29:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.03 20:29:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.03 20:29:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.03 18:02:32 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.03 18:02:32 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.03 17:52:31 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.03 17:51:22 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.03 17:51:21 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.03 15:22:29 | 000,042,592 | ---- | C] () -- C:\Users\Johannes\Desktop\OLT-Extras-Gmer.rar
[2013.03.03 14:40:11 | 000,377,856 | ---- | C] () -- C:\Users\Johannes\Desktop\gmer_2.1.19115.exe
[2013.03.03 14:39:05 | 000,000,168 | ---- | C] () -- C:\Users\Johannes\defogger_reenable
[2013.03.03 14:36:05 | 000,050,477 | ---- | C] () -- C:\Users\Johannes\Desktop\Defogger.exe
[2013.03.01 00:39:41 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.02.25 13:48:15 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2013.02.21 23:29:06 | 000,033,051 | ---- | C] () -- C:\Users\Johannes\Desktop\Sammelzeugnis_1103173_de.pdf
[2013.02.05 22:39:27 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.02.05 18:02:38 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2013.02.05 17:58:18 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013.01.04 02:40:22 | 001,592,096 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.06 23:07:35 | 000,007,597 | ---- | C] () -- C:\Users\Johannes\AppData\Local\Resmon.ResmonCfg
[2012.11.04 22:58:57 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.04 22:58:56 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.04 20:11:38 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.11.04 20:11:38 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asrussian.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\askorean.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asjapan.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asgerman.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\asfrench.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aseng.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ASCHT.dll
[2012.11.04 20:11:38 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\aschs.dll
[2012.11.04 19:03:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.02 17:18:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.02 17:18:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.01.29 20:15:55 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\AVG2013
[2013.02.04 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Bitdefender
[2013.03.04 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\BitTorrent
[2013.03.04 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\DAEMON Tools Lite
[2013.02.08 00:29:34 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\iFunbox_UserCache
[2013.02.04 17:08:02 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Keseling
[2012.12.19 18:18:13 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Origin
[2013.02.04 17:24:48 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\QuickScan
[2012.12.24 23:58:58 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Splashtop
[2012.11.20 21:57:49 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Theta
[2013.01.29 20:13:54 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\TuneUp Software
[2013.02.09 23:36:49 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\Ubisoft
[2012.11.29 18:16:54 | 000,000,000 | ---D | M] -- C:\Users\Johannes\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 06.03.2013 18:38:12 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johannes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,96 Gb Total Physical Memory | 14,18 Gb Available Physical Memory | 88,81% Memory free
31,92 Gb Paging File | 29,98 Gb Available in Paging File | 93,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,83 Gb Total Space | 29,05 Gb Free Space | 19,52% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNES-PC | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3708035738-3043084122-722666103-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{34F50917-87D7-4042-BEDA-6BB51DE4924B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{38D5D104-D797-46B6-B936-9C1E7FBCB926}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4F70A338-54AC-4CAD-B6B0-0B5B2430CDE2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{5761CD98-8703-476E-B71B-CD0B67D0D778}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{68F08078-B800-4850-9AC8-5CE7611B4839}" = rport=445 | protocol=6 | dir=out | app=system | 
"{74257A4C-9A99-404E-9569-E79DF333DAE2}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7D374CE5-2744-4A7B-B299-DA203504E11C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8C31B5A6-9064-4105-8D37-2CF16727A05D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8DAFEF86-EDC1-40EB-A21A-F763A4601EEE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9E6ECB65-DA41-43B5-98DF-577079D06BB3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A16ECB28-23DF-4072-AE23-627CBC773D4E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A4ADFB83-3E73-4D17-8E50-738706493361}" = lport=137 | protocol=17 | dir=in | app=system | 
"{AB4EEDAC-13A8-4C33-9953-B6F2DA2755EB}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B8508D63-6E71-4137-908D-C39B8E7AADAA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BCAB5807-CA41-407D-B6C9-9038946D4B8C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BF9A92E3-8DA7-465B-8D91-F958E19CC40D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C55AA820-DCAA-462C-9526-B79C0BD93C89}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C7C9468A-004C-444C-B987-E053FAB466C4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CA8A755C-FECD-4BE8-B441-570438E72669}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CB269003-9ACC-47D2-A5C9-77294D3805F5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E9BC175A-9E1F-4BEF-A0D9-F1427051857D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EFE32085-4C6B-48C6-9009-52D44C59B235}" = lport=138 | protocol=17 | dir=in | app=system | 
"{FD693E86-478B-4D40-BE07-C59E374DEE76}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E82FD5-3636-4BF4-871B-6637A7E62AD8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0801C6A6-DB7D-4BAB-B62E-D6A861751A42}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | 
"{0E662274-48A4-4668-B25C-430319D008CD}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{12769BA4-A7FC-4989-B42C-A70B30D9FFDC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1B045E30-1369-4C4B-9186-F23D2536ED50}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1BE6685B-19B7-45DB-BA04-93879CD78656}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{204195E0-5359-4C78-AE3C-3B060347F56D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | 
"{20B20189-D9C9-4742-BC23-1953020FA071}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{22963D1F-4D68-4F03-A7F1-396BFC60FD69}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{28F413A1-C4B2-4718-929A-10412343857D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{293BE458-6C31-477B-91B0-3F0BE24235D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D360E87-EF88-4B1A-9827-309527F66EAD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe | 
"{2DBCAA9D-FF97-4382-8552-74954AD09561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{316EDA11-842A-47CC-A299-BAB723F916B8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{37DA8C28-7B0E-432C-82B8-3B2E5A9BDE3B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{384DC4B7-1638-470E-BFA3-ABCD8FFABC3B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{3D847D0F-3EC2-4AA5-859A-B571251E2C2F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{3EF37C3A-5057-4B9C-9757-1231B938D4D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4127C684-4911-4265-A797-B346A66B46D7}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{490A1DBE-C94E-460D-8DF1-B446089E74CB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{498C716F-FF40-449C-AB31-8F5E557084D6}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{5499FB21-DAAB-4FD4-8C1D-C1106F6D6F09}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6AC99067-B258-4E2D-91DB-FAA0208F6E0B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{6C518995-F109-4A70-81CD-862DC7BC175A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6D080152-A7AB-4854-900B-501FDE5B4D59}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | 
"{774F03BC-C263-4037-922B-72EB1CF7738A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7BC69057-CC83-47F7-A1D2-6D7CCB161AE2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe | 
"{80DB6586-B93E-4A9D-B14A-4EA279D9C1F4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe | 
"{8198E5AB-FF0B-479B-AD69-E36835EB3F9E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{8378624C-BF26-46B0-B02A-5E0F45620E77}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe | 
"{8B1995E9-1270-41C9-AADC-5B3DF36A96BE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{8B7144CF-1560-44D1-98F5-D94E18F73622}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A67914F6-4BBA-44BC-B410-329F2AEFAD7C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A68DF9BA-5913-4343-A1FE-9BAF40FCEB1D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A6C8C7C7-B5E0-4D35-B833-355DBEA17448}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A7FDB637-EF50-44EE-B50E-F187565DF28B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe | 
"{A8CA022C-1DD1-4839-B9C7-997683E84AA1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{AFE8CA8E-3502-44CD-B8E9-AFF32C192BAD}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | 
"{B9ADA1FA-E05B-4240-9F47-40E240E7DA61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{BAC826F5-8D94-4DC4-A08A-8B634CEBBB01}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{C3A2DDA2-07B0-4BC1-B144-FCEC0A2E99DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{CA27A659-A9B5-44D9-BA82-67CCFBEF4C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D7F2D3A8-F866-476B-8DE4-20F566F275F4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D97BFB44-E3CD-4389-83D5-ABE7BD0E854E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{DD00871F-B325-4810-8712-3F06FD6395EF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{E34ECA4B-F84F-4A14-B9D9-1161428539FB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{E5E26530-DD09-4ECB-9717-1C1DE2282473}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E76F5DA5-95F0-497C-AED0-AC590BA579D7}" = protocol=6 | dir=out | app=system | 
"{EB445735-AA23-496C-9DFD-640D73F66D6D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{F32AF64D-63E9-45C6-BEE9-682DCC573C1C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{F9C8F916-A2D0-4ADD-8518-C4DECF6E404A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FAD2AD25-B48F-48A2-9DD7-02BF9F220E45}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe | 
"{FDD0C4CD-9BC8-4921-ABF2-33F8908F3565}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{FE6E6E12-63DF-4FE2-80F9-3E7640A50C1A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{10D0D07B-20F3-4B5D-AF20-B6DA172A309A}C:\users\johannes\desktop\aoe2\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\aoe2\age2_x1.exe | 
"TCP Query User{13DF9A58-5D23-45D0-AD91-A85DCFABA90E}E:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe" = protocol=6 | dir=in | app=e:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe | 
"TCP Query User{16FC6550-8194-4275-97CE-52D7C5900995}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"TCP Query User{6E958BAC-3710-4669-AAE1-98110B1B9641}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe | 
"TCP Query User{74FE029C-FB6D-4D31-8376-659E55814BAD}C:\program files (x86)\innonics\wiggles\wiggles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\innonics\wiggles\wiggles.exe | 
"TCP Query User{864DC078-BD31-4273-935C-1CB2754B62ED}C:\users\johannes\desktop\aoe2\empires2.exe" = protocol=6 | dir=in | app=c:\users\johannes\desktop\aoe2\empires2.exe | 
"TCP Query User{DF6E1FD5-C31A-4349-A8FB-3503B830CBAF}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{02B4CB83-E7B6-4E0C-BC53-07B952BDF025}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | 
"UDP Query User{2FCEA2B6-906D-4EF9-AA34-D7B41F8E43D5}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{3BD114C1-5C87-4D8B-B892-A68B1F168019}C:\users\johannes\desktop\aoe2\empires2.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\aoe2\empires2.exe | 
"UDP Query User{49AA2B9B-6E6F-41C2-9E5E-ED057A379954}C:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\r.g. mechanics\assassin's creed iii\ac3sp.exe | 
"UDP Query User{5621ABDB-DE4C-42C5-BC05-A7D2E082524D}E:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe" = protocol=17 | dir=in | app=e:\spiele\age of empires 2\aoe2+exp\age of empires ii\age2_x1\age2_x2.exe | 
"UDP Query User{93FA6E01-D39E-415A-B05E-72D6375B3C83}C:\users\johannes\desktop\aoe2\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\johannes\desktop\aoe2\age2_x1.exe | 
"UDP Query User{ED8569A7-730B-4528-AA14-A3051C3BDEE1}C:\program files (x86)\innonics\wiggles\wiggles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\innonics\wiggles\wiggles.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"Bitdefender" = Bitdefender Internet Security 2013
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62.0
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{287EAC0F-6C96-4712-97A6-958510872CBB}" = Utility
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F9121-5599-47F9-9F82-9FEA0F03C47F}" = 3DPower B12.0215.1
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 550" = Left 4 Dead 2
"Uplay" = Uplay
"Wiggles" = Wiggles
"xvid" = XviD MPEG-4 Video Codec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.02.2013 20:01:09 | Computer Name = Johannes-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 19.0.0.4794 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 174c    Startzeit:
 01ce160f9f24ae69    Endzeit: 4    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 0e3aef2b-8203-11e2-8c01-902b34382990  
 
Error - 03.03.2013 10:08:01 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x004513f0  ID des fehlerhaften
 Prozesses: 0x1268  Startzeit der fehlerhaften Anwendung: 0x01ce1818804bc3fe  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c20fac57-840b-11e2-9d18-902b34382990
 
Error - 03.03.2013 10:08:04 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00442fb8  ID des fehlerhaften
 Prozesses: 0x1334  Startzeit der fehlerhaften Anwendung: 0x01ce181885bc48fe  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c3797d80-840b-11e2-9d18-902b34382990
 
Error - 03.03.2013 10:08:06 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x07343e28  ID des fehlerhaften
 Prozesses: 0xd98  Startzeit der fehlerhaften Anwendung: 0x01ce181886af155a  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: c4c45cc6-840b-11e2-9d18-902b34382990
 
Error - 04.03.2013 16:05:40 | Computer Name = Johannes-PC | Source = Application Hang | ID = 1002
Description = Programm wseC92C.tmp, Version 1.0.0.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1524    Startzeit:
 01ce19136476668c    Endzeit: 0    Anwendungspfad: C:\Users\Johannes\AppData\Local\Temp\wseC92C.tmp

Berichts-ID:
 dfd7cd64-8506-11e2-ac40-902b34382990  
 
Error - 04.03.2013 16:50:15 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00a635b0  ID des fehlerhaften
 Prozesses: 0x87c  Startzeit der fehlerhaften Anwendung: 0x01ce1919de9d6585  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 1d29b1bf-850d-11e2-8671-902b34382990
 
Error - 04.03.2013 16:50:17 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x09ca0fe8  ID des fehlerhaften
 Prozesses: 0x40c  Startzeit der fehlerhaften Anwendung: 0x01ce1919e0b4fb23  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 1e7e1687-850d-11e2-8671-902b34382990
 
Error - 04.03.2013 17:38:51 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x09b40048  ID des fehlerhaften
 Prozesses: 0x1058  Startzeit der fehlerhaften Anwendung: 0x01ce1920a81884c8  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: e72c7f71-8513-11e2-a949-902b34382990
 
Error - 04.03.2013 17:38:53 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00873418  ID des fehlerhaften
 Prozesses: 0x99c  Startzeit der fehlerhaften Anwendung: 0x01ce1920aa941431  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: e8586cd4-8513-11e2-a949-902b34382990
 
Error - 04.03.2013 17:38:55 | Computer Name = Johannes-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ec971b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x07adf618  ID des fehlerhaften
 Prozesses: 0x888  Startzeit der fehlerhaften Anwendung: 0x01ce1920ab8e04ae  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: e97f9776-8513-11e2-a949-902b34382990
 
[ Media Center Events ]
Error - 03.01.2013 13:23:12 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:23:12 - Fehler beim Herstellen der Internetverbindung.  18:23:12 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 13:24:04 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:23:59 - Fehler beim Herstellen der Internetverbindung.  18:23:59 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 15:01:04 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 20:01:04 - Fehler beim Herstellen der Internetverbindung.  20:01:04 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 03.01.2013 15:01:59 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 20:01:52 - Fehler beim Herstellen der Internetverbindung.  20:01:52 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:46:47 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:46:47 - Fehler beim Herstellen der Internetverbindung.  18:46:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:47:36 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:47:36 - Fehler beim Herstellen der Internetverbindung.  18:47:36 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:47:40 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:47:34 - Fehler beim Herstellen der Internetverbindung.  18:47:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.01.2013 13:48:25 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 18:48:24 - Fehler beim Herstellen der Internetverbindung.  18:48:24 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.01.2013 14:07:27 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 19:07:27 - Fehler beim Herstellen der Internetverbindung.  19:07:27 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.01.2013 14:08:19 | Computer Name = Johannes-PC | Source = MCUpdate | ID = 0
Description = 19:08:14 - Fehler beim Herstellen der Internetverbindung.  19:08:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 03.03.2013 10:43:12 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 11:14:28 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 12:54:21 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 13:22:13 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 13:58:18 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 03.03.2013 15:31:20 | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 03.03.2013 15:32:57 | Computer Name = Johannes-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 03.03.2013 15:33:30 | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 03.03.2013 18:26:36 | Computer Name = Johannes-PC | Source = bowser | ID = 8003
Description = 
 
Error - 04.03.2013 17:36:14 | Computer Name = Johannes-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
 
< End of report >
         
--- --- ---

Alt 06.03.2013, 19:01   #22
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



das ist schon wieder ein otl log
ich hatte unter dem otl fix in post 18 noch um einen Test gebeten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.03.2013, 19:08   #23
Jooe2
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



also es funktioniert alles tadellos bis auf firefox und internet explorer sogar chrome funktioniert ohne probleme, die ersten 2 genannten stürzen immer beim start ab. toolbars oder der gleichen sind keine vorhanden. spiele und andere programme funktionieren auch ohne probleme.

Alt 08.03.2013, 21:20   #24
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



Hi
fehlermeldungen beim absturtz, wennn ja mal als Text posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.03.2013, 14:46   #25
Jooe2
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



im internet explorer kommt absolut nichts, vor paar tagen ist noch gekommen das er nicht mehr funktioniert und jetzt ist einfach ein weißer bildschirm und keine seite öffnet sich. Firefox startet nichtmal sondern sagt mir das ein fehler aufgetreten ist und ich den bericht an mozilla schicken soll aber deteils kann er mir nicht anzeigen, und wenn ich dann paar mal auf neustarten klicke kommt eine meldung das ich ihn im abgesicherten modus starten kann und dann funktioniert eigendlich alles bis auf ein paar addons.

ich weiß das klingt alles bisschen komisch aber ich hab echt schon alles versucht und an den programmen kann es einfach nicht liegen ...

Alt 11.03.2013, 18:10   #26
markusg
/// Malware-holic
 
Firefox sowie Internet Explorer starten nicht mehr - Standard

Firefox sowie Internet Explorer starten nicht mehr



dann setzen wir neu auf
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Firefox sowie Internet Explorer starten nicht mehr
abgesicherten, anhang, bitdefender, board, defender, explorer, files, firefox, gmer, hoffe, interne, internet, internet explorer, langsamer, modus, nicht mehr, nichts, problem, starte, starten, starten nicht, trojaner, trojaner board, weiterhelfen, windows, zunge




Ähnliche Themen: Firefox sowie Internet Explorer starten nicht mehr


  1. PC mit Win 7 64 bit wird langsam, Mehrere Internet Explorer Prozesse machen sich auf, Antivir wird geblockt, lässt sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 23.08.2014 (7)
  2. Verdacht auf Virus, Internet connecten dauert lange, Viele Dienste starten nicht. Avira sowie Malwarebytes meckern nicht.
    Plagegeister aller Art und deren Bekämpfung - 23.08.2014 (1)
  3. Windows 7 GData Antivirus Client und Taskmgr sowie einige *.exe starten nicht mehr
    Log-Analyse und Auswertung - 27.04.2014 (10)
  4. Firefox sowie Internet Explorer funktionieren nicht
    Alles rund um Windows - 01.03.2013 (1)
  5. Windows Sichertscenter lässt sich nicht mehr starten sowie Weiterleitung auf Rocketnews
    Plagegeister aller Art und deren Bekämpfung - 06.07.2012 (21)
  6. Nach Virenbefall kein Starten von IE sowie Firefox mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 03.05.2012 (2)
  7. Internet Explorer und Firefox laden Google nicht mehr
    Log-Analyse und Auswertung - 19.09.2011 (1)
  8. Firefox, Thunderbird, Skype starten nicht - Explorer geht
    Plagegeister aller Art und deren Bekämpfung - 12.08.2011 (16)
  9. Alle Web-Browser funktionieren nicht mehr (Internet Explorer, Google Chrome etc.) auser Firefox
    Plagegeister aller Art und deren Bekämpfung - 08.11.2010 (1)
  10. Programme starten nicht mehr / Explorer nicht mehr durch Firewall blockiert
    Log-Analyse und Auswertung - 08.10.2009 (11)
  11. Pc läuft nicht mehr richtig sowie das internet
    Alles rund um Windows - 23.08.2009 (10)
  12. internet explorer funktioniert nicht mehr firefox schon
    Log-Analyse und Auswertung - 26.10.2007 (1)
  13. Internet Explorer geht nicht mehr seit Firefox
    Alles rund um Windows - 03.07.2007 (11)
  14. Internet explorer Popups beim Starten von Mozilla firefox
    Log-Analyse und Auswertung - 26.01.2007 (4)
  15. Explorer und browser starten nicht mehr
    Log-Analyse und Auswertung - 29.12.2006 (3)
  16. Internet Explorer und Firefox können Seiten nicht mehr laden
    Plagegeister aller Art und deren Bekämpfung - 04.01.2005 (15)
  17. Internet Explorer und Firefox können Seiten nicht mehr laden
    Alles rund um Windows - 31.12.2004 (4)

Zum Thema Firefox sowie Internet Explorer starten nicht mehr - nein, sonst hätt ich das geschrieben. - Firefox sowie Internet Explorer starten nicht mehr...
Archiv
Du betrachtest: Firefox sowie Internet Explorer starten nicht mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.