Log analysis and evaluation: PC very slow & Task Manager freezes
Windows 7
01.04.2013, 01:30 | #1

Hello,

first of all, in future I should only work in VirtualBox.

My problem is the following: every now and then I simply notice that my PC is very slow and sluggish. When I then open the Task Manager, the CPU load is almost constantly at 80% - caused by the Task Manager. However, the Task Manager is also "frozen". The values no longer update and the Task Manager cannot be operated - so it has more or less crashed...

Maybe you can help me. Attached are the requested log files. Gmer keeps crashing on my machine. Unfortunately I cannot give you that log.

PS: While the files were being created, my nvidia driver was always running in the background - I hope that is not a problem...

Thanks

OTL logfile:
Code:
OTL logfile created on: 01.04.2013 01:59:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\USER\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 73,19% Memory free
4,79 Gb Paging File | 3,52 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,31 Gb Total Space | 37,81 Gb Free Space | 38,85% Space Free | Partition Type: NTFS
Drive E: | 358,34 Gb Total Space | 317,55 Gb Free Space | 88,62% Space Free | Partition Type: NTFS

Computer Name: USER-LAPTOP | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\USER\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Buhl\WISO Börse 2013\bin\watchdog.exe (vwd Vereinigte Wirtschaftsdienste AG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: 
- (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- 
C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (StarMoney 9.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (WB13WatchDog) -- C:\Program Files (x86)\Buhl\WISO Börse 2013\bin\watchdog.exe (vwd Vereinigte Wirtschaftsdienste AG) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common 
Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (klwfp) -- C:\Windows\SysNative\Drivers\klwfp.sys (Kaspersky Lab ZAO) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\Drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\Drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\Drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- 
C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\Drivers\kneps.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\Drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (klelam) -- C:\Windows\SysNative\Drivers\klelam.sys (Kaspersky Lab) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys 
(Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (kl1) -- C:\Windows\SysNative\Drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (netr28x) -- C:\Windows\SysNative\Drivers\netr28x.sys (Ralink Technology, Corp.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.) 
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 8C B3 16 BE 1F CE 01 [binary data] IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - 
prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250 FF - prefs.js..extensions.enabledAddons: feedly%40devhd:10.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\USER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.13 09:42:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla 
Thunderbird\components [2013.03.17 17:48:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.03.13 09:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Extensions [2013.03.15 23:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\ieirqt9j.default\extensions [2013.03.15 23:33:31 | 000,637,327 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\ieirqt9j.default\extensions\feedly@devhd.xpi [2013.03.13 09:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.13 10:54:31 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM [2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: BIODIGITAL HUMAN = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\ CHR - Extension: Google Docs = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\USER\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Modul zur Link-Untersuchung = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\ CHR - Extension: Anatomy 3D = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgiaifohbadjmcpafbhhgkobokjoiod\1.5_0\ CHR - Extension: Anatomy 3D = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgiaifohbadjmcpafbhhgkobokjoiod\1.5_0\.bak CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\ CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\ CHR - Extension: Google Mail = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Anti-Banner = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] 
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [Spotify] C:\Users\USER\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [Spotify Web Helper] C:\Users\USER\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu 
Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8C593CC-946D-4931-8EA0-F70792CE2412}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{37fe6ca2-8bb0-11e2-be65-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{37fe6ca2-8bb0-11e2-be65-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\setup.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.01 01:56:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe [2013.04.01 00:56:27 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2013.04.01 00:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2013.04.01 00:34:10 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2013.04.01 00:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2013.03.31 23:56:59 | 000,000,000 | ---D | C] -- C:\adobeTemp [2013.03.31 23:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2013.03.31 01:01:01 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\NVIDIA [2013.03.31 01:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2013.03.31 00:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013.03.31 00:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013.03.29 19:01:49 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\FileZilla [2013.03.29 19:01:43 | 000,000,000 | ---D | C] 
-- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.03.29 19:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2013.03.27 15:48:46 | 000,000,000 | ---D | C] -- C:\Users\USER\.thumbnails [2013.03.27 15:46:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\fontconfig [2013.03.27 15:46:14 | 000,000,000 | ---D | C] -- C:\Users\USER\.gimp-2.8 [2013.03.27 15:46:13 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\gegl-0.2 [2013.03.27 15:14:59 | 000,000,000 | ---D | C] -- C:\Users\USER\Aptana Rubles [2013.03.27 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\USER\My Documents [2013.03.27 15:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana [2013.03.27 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Aptana Studio 3 [2013.03.26 23:32:11 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Warframe [2013.03.26 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.03.26 21:26:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Programs [2013.03.26 16:16:15 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\WISO Mein Geld [2013.03.26 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Buhl Data Service GmbH [2013.03.26 16:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2013 [2013.03.26 15:57:36 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Buhl Data Service [2013.03.26 15:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\StarMoney 9.0 [2013.03.26 15:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 9.0 [2013.03.26 15:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects [2013.03.26 15:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\StarFinanz [2013.03.26 15:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarMoney 9.0 [2013.03.26 
15:44:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.03.26 15:40:15 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Buhl Data Service [2013.03.26 15:40:08 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\WISO Börse 2013 [2013.03.26 15:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Börse 2013 [2013.03.26 15:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH [2013.03.26 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Buhl Data Service [2013.03.26 15:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0 [2013.03.26 15:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033 [2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033 [2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1031 [2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1031 [2013.03.26 15:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2 [2013.03.26 15:31:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.03.26 15:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.03.26 15:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buhl [2013.03.26 15:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WISO Börse 2013 [2013.03.26 14:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2013.03.26 14:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2013.03.26 14:13:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2013.03.26 14:12:55 | 000,000,000 | ---D | C] -- C:\Program 
Files\Reference Assemblies [2013.03.26 14:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013.03.25 17:20:28 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\Test [2013.03.25 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\USER\bluej [2013.03.25 15:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2013.03.25 15:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.03.25 15:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.03.25 01:23:09 | 000,000,000 | ---D | C] -- C:\Users\USER\workspace [2013.03.25 00:03:38 | 000,000,000 | ---D | C] -- C:\Users\USER\.android [2013.03.25 00:03:00 | 000,000,000 | ---D | C] -- C:\Users\USER\SDK [2013.03.24 21:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013.03.24 21:55:59 | 000,000,000 | ---D | C] -- C:\Users\USER\SystemRequirementsLab [2013.03.24 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Apple Computer [2013.03.24 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Apple Computer [2013.03.24 21:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013.03.24 21:15:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Apple [2013.03.24 21:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013.03.24 21:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013.03.24 21:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.03.24 21:14:32 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013.03.24 21:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013.03.24 21:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2013.03.22 01:25:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\NetBeans [2013.03.22 01:25:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\NetBeans [2013.03.22 01:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\glassfish-3.1.2.2 [2013.03.22 01:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans [2013.03.22 01:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\NetBeans 7.3 [2013.03.22 00:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.03.22 00:48:14 | 000,000,000 | ---D | C] -- C:\Users\USER\.nbi [2013.03.21 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Skype [2013.03.21 20:51:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.03.21 20:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.21 20:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.03.21 20:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.03.20 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ [2013.03.20 19:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueJ [2013.03.19 13:31:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends [2013.03.19 13:31:46 | 000,000,000 | ---D | C] -- C:\xampp [2013.03.18 23:52:52 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Spotify [2013.03.18 23:52:38 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Spotify [2013.03.18 17:57:29 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Unity [2013.03.18 17:57:03 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Unity 
[2013.03.18 17:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.03.18 17:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.03.18 17:49:23 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Google [2013.03.17 21:06:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\OpenOffice.org [2013.03.17 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Thunderbird [2013.03.17 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Thunderbird [2013.03.17 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.03.15 16:42:42 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.03.15 16:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2013.03.15 16:40:12 | 000,000,000 | ---D | C] -- C:\Users\USER\Desktop\OpenOffice.org 3.4.1 (de) Installation Files [2013.03.14 21:02:38 | 000,000,000 | ---D | C] -- C:\usb_driver [2013.03.14 11:33:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Sublime Text 2 [2013.03.14 11:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 2 [2013.03.13 22:26:48 | 000,000,000 | ---D | C] -- C:\Users\USER\.zend [2013.03.13 22:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.03.13 22:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.03.13 22:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\WinRAR [2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.03.13 22:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.03.13 15:14:21 | 000,000,000 | ---D | C] -- 
C:\Users\USER\AppData\Local\Macromedia [2013.03.13 15:10:45 | 000,000,000 | ---D | C] -- C:\Users\USER\VirtualBox VMs [2013.03.13 15:10:13 | 000,000,000 | ---D | C] -- C:\Users\USER\.VirtualBox [2013.03.13 15:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2013.03.13 15:09:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2013.03.13 15:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2013.03.13 10:41:52 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice [2013.03.13 10:18:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV [2013.03.13 10:18:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV [2013.03.13 10:08:01 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2013.03.13 10:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.03.13 10:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.03.13 10:06:38 | 000,612,696 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.03.13 10:06:38 | 000,089,944 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys [2013.03.13 09:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2013.03.13 09:56:22 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.03.13 09:56:22 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.03.13 09:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013.03.13 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013.03.13 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2013.03.13 09:50:26 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Adobe [2013.03.13 09:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.03.13 09:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.03.13 09:45:26 | 000,000,000 | ---D | C] 
-- C:\ProgramData\Adobe [2013.03.13 09:44:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.03.13 09:44:03 | 000,000,000 | ---D | C] -- C:\Intel [2013.03.13 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Mozilla [2013.03.13 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Mozilla [2013.03.13 09:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.03.13 09:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.03.13 09:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.13 09:41:09 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Macromedia [2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\Searches [2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\Contacts [2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.03.13 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Adobe [2013.03.13 09:38:38 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\VirtualStore [2013.03.13 09:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2013.03.13 09:38:28 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Packages [2013.03.13 09:38:19 | 000,000,000 | --SD | C] -- C:\Users\USER\AppData\Roaming\Microsoft [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Videos [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Saved Games [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Pictures [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Music [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- 
C:\Users\USER\Links [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Favorites [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Downloads [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Documents [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Desktop [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Vorlagen [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Verlauf [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Temporary Internet Files [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Startmenü [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\SendTo [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Recent [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Netzwerkumgebung [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Lokale Einstellungen [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Videos [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Musik [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Eigene Dateien [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Bilder [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Druckumgebung [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Cookies [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Anwendungsdaten [2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Anwendungsdaten [2013.03.13 09:38:19 | 000,000,000 | -H-D | C] -- C:\Users\USER\AppData [2013.03.13 09:38:19 | 000,000,000 | ---D 
| C] -- C:\Users\USER\AppData\Local\Temp [2013.03.13 09:38:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Microsoft [2013.03.13 09:38:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.03.13 09:38:18 | 000,000,000 | ---D | C] -- C:\Windows\CSC [2013.03.13 09:38:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Programme [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.03.13 09:33:42 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.03.13 09:33:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013.03.13 09:32:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther ========== Files - Modified Within 30 Days ========== [2013.04.01 01:58:56 | 000,000,000 | ---- | M] () -- C:\Users\USER\defogger_reenable [2013.04.01 01:58:23 | 000,377,856 | ---- | M] () -- C:\Users\USER\Desktop\gmer_2.1.19155.exe [2013.04.01 01:56:20 | 000,050,477 | ---- | M] () -- C:\Users\USER\Desktop\Defogger.exe [2013.04.01 01:56:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe [2013.04.01 01:54:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.01 01:45:50 | 001,928,686 | ---- | M] () -- 
C:\Windows\SysNative\PerfStringBackup.INI [2013.04.01 01:45:50 | 000,818,446 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.01 01:45:50 | 000,775,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.01 01:45:50 | 000,180,228 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.01 01:45:50 | 000,157,016 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.01 01:41:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.01 01:40:39 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.01 01:39:33 | 004,928,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.01 01:39:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.04.01 01:38:47 | 3362,271,232 | -HS- | M] () -- C:\hiberfil.sys [2013.04.01 01:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.31 12:54:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2013.03.31 00:02:53 | 000,001,518 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk [2013.03.29 14:11:42 | 000,002,768 | ---- | M] () -- C:\Users\USER\AppData\Local\recently-used.xbel [2013.03.27 15:13:55 | 000,001,091 | ---- | M] () -- C:\Users\USER\Desktop\Aptana Studio 3.lnk [2013.03.26 21:27:47 | 000,000,880 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2013.03.26 16:01:49 | 000,001,343 | ---- | M] () -- C:\Users\Public\Desktop\Belegschnellerfassung.lnk [2013.03.26 16:01:49 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\WISO Mein Geld 2013.lnk [2013.03.26 15:47:16 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\StarMoney 9.0.lnk [2013.03.26 15:40:14 | 000,000,031 | ---- | M] () -- C:\Windows\iltwain.ini [2013.03.26 15:39:51 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\WISO Börse 2013.lnk [2013.03.26 15:37:20 | 001,952,668 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.03.25 15:36:07 | 000,000,917 | 
---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2013.03.24 21:16:47 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.22 01:04:13 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk [2013.03.20 19:21:47 | 000,001,881 | ---- | M] () -- C:\Users\USER\Desktop\BlueJ.lnk [2013.03.19 13:31:51 | 000,000,614 | ---- | M] () -- C:\Users\USER\Desktop\XAMPP Control Panel.lnk [2013.03.18 23:52:51 | 000,001,772 | ---- | M] () -- C:\Users\USER\Desktop\Spotify.lnk [2013.03.18 17:50:17 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.03.17 17:48:56 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.03.15 16:42:42 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.03.14 20:36:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.03.13 15:09:37 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013.03.13 10:54:28 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klwfp.sys [2013.03.13 10:54:28 | 000,029,016 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klkbdflt.sys [2013.03.13 10:54:27 | 000,612,696 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2013.03.13 10:22:51 | 000,002,340 | ---- | M] () -- C:\Users\USER\Desktop\Sicherer Zahlungsverkehr.lnk [2013.03.13 10:21:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.03.13 10:08:02 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.03.13 09:49:17 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.03.13 09:42:45 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.13 09:35:00 | 000,052,435 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.03.13 09:35:00 | 000,052,435 | ---- | M] () 
-- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2013.04.01 01:58:56 | 000,000,000 | ---- | C] () -- C:\Users\USER\defogger_reenable [2013.04.01 01:58:23 | 000,377,856 | ---- | C] () -- C:\Users\USER\Desktop\gmer_2.1.19155.exe [2013.04.01 01:56:20 | 000,050,477 | ---- | C] () -- C:\Users\USER\Desktop\Defogger.exe [2013.04.01 00:27:02 | 000,001,650 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk [2013.04.01 00:25:45 | 000,001,518 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk [2013.03.31 23:58:36 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Fireworks CS6.lnk [2013.03.31 23:56:33 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2013.03.31 12:54:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2013.03.31 00:35:26 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2013.03.31 00:34:27 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2013.03.31 00:33:25 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2013.03.31 00:32:47 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2013.03.31 00:29:56 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2013.03.31 00:29:50 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2013.03.31 00:02:53 | 000,001,530 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk [2013.03.31 00:02:53 | 000,001,518 | ---- | C] () -- 
C:\Users\Public\Desktop\Adobe Application Manager.lnk [2013.03.29 14:11:42 | 000,002,768 | ---- | C] () -- C:\Users\USER\AppData\Local\recently-used.xbel [2013.03.27 15:13:55 | 000,001,091 | ---- | C] () -- C:\Users\USER\Desktop\Aptana Studio 3.lnk [2013.03.26 21:27:47 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.03.26 21:27:47 | 000,000,880 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2013.03.26 16:01:49 | 000,001,343 | ---- | C] () -- C:\Users\Public\Desktop\Belegschnellerfassung.lnk [2013.03.26 16:01:49 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\WISO Mein Geld 2013.lnk [2013.03.26 15:47:16 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\StarMoney 9.0.lnk [2013.03.26 15:40:13 | 000,000,031 | ---- | C] () -- C:\Windows\iltwain.ini [2013.03.26 15:39:51 | 000,002,178 | ---- | C] () -- C:\Users\Public\Desktop\WISO Börse 2013.lnk [2013.03.26 15:37:01 | 001,952,668 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.03.25 15:36:07 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2013.03.24 21:16:47 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.24 21:15:02 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.03.22 01:04:13 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk [2013.03.20 19:21:47 | 000,001,881 | ---- | C] () -- C:\Users\USER\Desktop\BlueJ.lnk [2013.03.19 13:31:51 | 000,000,614 | ---- | C] () -- C:\Users\USER\Desktop\XAMPP Control Panel.lnk [2013.03.18 23:52:51 | 000,001,772 | ---- | C] () -- C:\Users\USER\Desktop\Spotify.lnk [2013.03.18 23:52:51 | 000,001,758 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.03.18 17:50:17 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.03.18 17:49:31 | 000,001,138 | ---- | C] () -- 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.18 17:49:30 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.17 17:48:56 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.03.17 17:48:55 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2013.03.15 16:42:42 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.03.14 21:08:02 | 004,928,936 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.14 20:36:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.03.14 11:32:56 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk [2013.03.13 15:09:37 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2013.03.13 15:06:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.13 10:53:01 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll [2013.03.13 10:53:01 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll [2013.03.13 10:22:52 | 000,001,323 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk [2013.03.13 10:22:50 | 000,002,340 | ---- | C] () -- C:\Users\USER\Desktop\Sicherer Zahlungsverkehr.lnk [2013.03.13 10:21:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.03.13 10:08:27 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.03.13 09:56:45 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2013.03.13 09:54:27 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml [2013.03.13 09:49:17 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.03.13 09:49:17 
| 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.03.13 09:42:45 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.03.13 09:42:45 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.13 09:39:06 | 000,001,438 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.03.13 09:35:29 | 3362,271,232 | -HS- | C] () -- C:\hiberfil.sys [2013.03.13 09:33:07 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2012.12.14 03:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.12.14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.12.14 03:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== ZeroAccess Check ========== [2013.03.26 15:32:37 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.03.26 15:57:36 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Buhl Data Service [2013.03.26 17:27:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Buhl Data Service GmbH [2013.04.01 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2013.03.29 19:21:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\FileZilla [2013.03.22 01:25:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\NetBeans [2013.03.17 21:06:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\OpenOffice.org [2013.03.30 13:19:49 
| 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Spotify [2013.04.01 00:34:10 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2013.03.14 11:33:03 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Sublime Text 2 [2013.03.17 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Thunderbird [2013.03.18 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Unity ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.04.2013 01:59:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\USER\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16519) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 73,19% Memory free 4,79 Gb Paging File | 3,52 Gb Available in Paging File | 73,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,31 Gb Total Space | 37,81 Gb Free Space | 38,85% Space Free | Partition Type: NTFS Drive E: | 358,34 Gb Total Space | 317,55 Gb Free Space | 88,62% Space Free | Partition Type: NTFS Computer Name: USER-LAPTOP | User Name: USER | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe () [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe () [HKEY_USERS\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla 
Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [open] -- "C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe" "%1" () piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) jsfile [open] -- "C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe" "%1" () piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{163EA6E7-25E5-4852-9743-D0CD846D6CFF}" = rport=80 | protocol=6 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | "{183AF7E6-BB21-4B69-9D50-1C3AFE027E61}" = rport=80 | protocol=6 | dir=out | 
app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | "{8C5661D5-9064-4A2E-8022-095A4351D4B0}" = rport=80 | protocol=6 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\tools\launcher.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{20F439DE-F90A-46CF-A772-9E53DDF6F91E}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{2A058FF1-2DD8-4EBF-9E05-C3F62A3E6C7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{2C57A6DD-76CB-4C28-8703-359CF2192BD2}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{3BBDFCBB-455B-4196-988B-19A3643267EF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{5209BADF-63EF-4F86-A166-586048DE713A}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{557D236D-E6F9-4751-8B2A-F051C72797F5}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{57A76B58-3D1D-48D8-8C4E-F436479B2DA3}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{5B5281E5-03A5-4DEC-B847-1A28D58850A8}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | "{5BADE28A-47F5-404E-A7E7-640BCCDEED31}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{62CD4F95-3359-4309-AAEC-641D6AEA6F56}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0\app\starmoney.exe | "{69A49BB1-4621-4463-9F66-E3EE86987327}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{69C68EC3-AE2D-482F-B9AD-EE5DE8F2628B}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | "{6E66D02A-C561-4974-B386-DE7E2C4B5884}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{7825632B-B231-4E87-969F-AAEB050BF44F}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{7D138443-A0CB-4AE4-A32B-AB8A7F5A070C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{80F4AD0D-1D6F-48F0-83E9-810ED383464D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{8501D07B-C509-4EF2-B5CA-07E1AD173D27}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{88FF451B-66C5-4B78-A67F-7710F0BEE6EE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{92FD5CDF-62E6-45FA-88C0-F45116C49E17}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | "{9C88511B-9B2D-4331-A138-68AB6848BFB2}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{9EDB39F0-3152-466C-996A-F16D52F0E31E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{A3E51785-C7F0-4977-A0C4-9AFD8C431F15}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{A6F8E789-C079-4349-ACBC-CE63BFB43C57}" = dir=in | 
name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{AE422A9F-FB9A-432A-A1D7-158FE505D854}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B46FACB5-F74E-4E2A-96DA-72EF43BD6BD8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B628814F-4070-480C-9718-87CE5A8F1593}" = protocol=17 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | "{B6450A9C-225C-41C6-B8CF-DE565DD7858C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{BA538A0A-B242-4FC9-834A-9741371455AE}" = protocol=17 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | "{BDCE60E6-17E9-4ECA-8922-6FDAFE6AAAAD}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{BEC8FE15-46E6-4814-BCE3-EC936E2D7542}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{BF9B8A4F-352C-4DE0-AEBB-910910479CE4}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | "{C0539643-98A7-4CF5-8D82-BBF3DE08F509}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{CB420944-7069-406D-8AF2-388995903860}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{D92557FC-8454-4C9A-A722-2E1C0BB1C148}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{DD7B59B3-E71A-4B7E-9344-9823A905AA56}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | 
name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EB080FBC-38E3-4C80-9383-E6443992CE1C}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0\app\starmoney.exe | "{F1D61347-67C1-427A-9096-B5E925E3A571}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit) "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{992B55F9-FD13-42C5-8B3C-B7E9F998A969}" = Microsoft SQL Server 2008 R2 Native Client "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{C017D5C7-E2C0-4276-8C8A-0CB6D5914DDD}" = Oracle VM VirtualBox 4.2.8 "{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}" = Microsoft SQL Server VSS Writer 
"GIMP-2_is1" = GIMP 2.8.4 "nbi-glassfish-mod-3.1.2.23.2" = GlassFish Server Open Source Edition 3.1.2.2 "nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3 "Sublime Text 2_is1" = Sublime Text 2.0.1 "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{3BDEDA44-E016-4643-A740-68618D8CCFA2}" = Microsoft SQL Server 2008 R2 RsFx Driver "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support "{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 SP2 Database Engine Shared "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}" = StarMoney "{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = SQL Server 2008 R2 SP2 Database Engine Services "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ "{8DD113A8-811A-404E-A4D7-443D014946AC}" = Microsoft SQL Server Browser "{92906ADC-9482-4DDB-870D-0F1F535EAD91}" = SQL Server 2008 R2 SP2 Common Files "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9EDF3504-9467-4A90-A2DB-662B95448C07}" = WISO Börse 2013 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB8A9818-0809-49A7-8A13-C08BD7F13A42}" = Microsoft SQL Server 2008 R2-Setup (Deutsch) "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 SP2 Database Engine Services "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}" = Adobe Fireworks CS6 "{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 SP2 Common Files "{DAC580DB-6629-43B9-98DD-8BABA515B958}" = WISO Mein Geld 2013 Professional "{E23D424C-A06B-4572-8A7C-6AD1F6EFA437}" = StarMoney 9.0 "{E9380A3D-7A10-4988-B2A1-22A41C137D9F}" = SQL Server 2008 R2 SP2 Database Engine Shared "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F902AB2B-7816-4CBD-A385-F2549F62956B}" = StarMoney "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Android SDK Tools" = Android SDK Tools "Aptana Studio 3" = Aptana Studio 3 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "FileZilla Client" = FileZilla Client 3.6.0.2 "Google Chrome" = Google Chrome "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 
2008 R2 "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 108800" = Crysis 2 Maximum Edition "Steam App 209870" = Blacklight: Retribution "Steam App 230410" = Warframe "WISO Börse 2013" = WISO Börse 2013 "WISO Mein Geld 2013 Professional" = WISO Mein Geld 2013 Professional "xampp" = XAMPP 1.8.1 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 31.03.2013 07:14:41 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 3312 Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 5703 Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 5703 Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 3062 Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: 
m->NextScheduledSPRetry 3062 Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9750 Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9750 [ System Events ] Error - 13.03.2013 04:17:07 | Computer Name = USER-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: NVIDIA driver update for NVIDIA GeForce GT 540M Error - 16.03.2013 09:09:19 | Computer Name = USER-Laptop | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?16.?03.?2013 um 00:24:52 unerwartet heruntergefahren. Error - 18.03.2013 10:39:58 | Computer Name = USER-Laptop | Source = DCOM | ID = 10016 Description = Error - 25.03.2013 09:39:21 | Computer Name = USER-Laptop | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. 
Error - 25.03.2013 09:39:21 | Computer Name = USER-Laptop | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 26.03.2013 18:27:42 | Computer Name = USER-Laptop | Source = DCOM | ID = 10000 Description = Error - 27.03.2013 10:44:12 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010 Description = Error - 27.03.2013 10:44:12 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010 Description = Error - 31.03.2013 06:52:54 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010 Description = Error - 31.03.2013 06:52:54 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010 Description = < End of report > |
04.04.2013, 11:23 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC very slow & Task Manager freezes Hello,
Do you have any further logs (with detections)? Has your virus scanner ever found anything? Malwarebytes and/or other virus scanners? I am asking because => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows: |
04.04.2013, 19:30 | #3 |
| PC very slow & Task Manager freezes Evening,
no, Kaspersky has never raised an alert so far. There are no further logs. I also only reinstalled Windows a few weeks ago. |
04.04.2013, 23:28 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC very slow & Task Manager freezes And by coincidence you have had the problem since the reinstallation, or what? More info, please. Which operating system was installed before the reinstallation?
Please always post log files in CODE tags |
05.04.2013, 12:37 | #5 |
| PC very slow & Task Manager freezes I had W8 Pro (64-bit) on it before as well. But I have noticed that the system runs considerably better when Kaspersky is switched off. Kaspersky has some kind of problem with Java. Whenever Java is running in the background, things get problematic. Maybe I should write to Kaspersky support - you buy antivirus software and end up with more problems than before. I think I will slap Ubuntu on it today. But thank you |
05.04.2013, 13:59 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC very slow & Task Manager freezes Typical security suite, these things are the best system brakes |