Bundespolizei virus Austria, no Safe Mode
Hello,
I have caught the Bundespolizei virus.
White screen, I can't do anything except pay 100 €.
Safe Mode does not work; it restarts immediately.
Only the one with Command Prompt works.
I ran a scan with OTL.exe; here are the log files. Quote:
OTL Extras logfile created on: 13.04.2013 09:40:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = h:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 7,27 Gb Available Physical Memory | 91,16% Memory free
16,93 Gb Paging File | 16,24 Gb Available in Paging File | 95,95% Paging File free
Paging file location(s): d:\pagefile.sys 0 0e:\pagefile.sys 1000 30000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 7,34 Gb Free Space | 13,15% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 137,03 Gb Free Space | 29,42% Space Free | Partition Type: NTFS
Drive E: | 148,95 Gb Total Space | 112,85 Gb Free Space | 75,76% Space Free | Partition Type: NTFS
Drive F: | 202,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 7,46 Gb Total Space | 7,46 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
Computer Name: FUNUR-PC | User Name: FUNUR | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{38B5D5F2-A63E-427E-8B65-555C0B3ABCBF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{659D24F8-9CCB-4693-B225-41AB7F257CDE}" = lport=137 | protocol=17 | dir=in | app=system |
"{69033D89-C823-4B01-822F-324A1835FD9B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8A8AAA61-6DC7-4260-9C4F-5C45EE81ECD4}" = rport=137 | protocol=17 | dir=out | app=system |
"{9691CB66-D62B-48A0-89BD-002C1B30DBD4}" = rport=138 | protocol=17 | dir=out | app=system |
"{96DF573A-73DE-45F2-B631-7816B46CA4E5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B43DE994-CB0F-49B2-BFEC-CD780D63069A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8182C0C-3E37-4379-861E-43AC201F80C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{CC3AD305-FAB2-4FDC-9E9F-31CD1E50DE80}" = lport=138 | protocol=17 | dir=in | app=system |
"{CFDB9E43-4A40-42CD-A4EC-1FE5EBF066D2}" = rport=445 | protocol=6 | dir=out | app=system |
"{D1F8A7B3-697F-4581-B05D-8C66C82F02AB}" = lport=445 | protocol=6 | dir=in | app=system |
"{EE7B933D-D153-4103-961B-2042220C8583}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0152C3A4-8697-42EF-8188-34EF33A2618C}" = protocol=58 | dir=in | app=system |
"{01AF0FC2-0231-4DFE-94E1-CB7D3E226A2A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{03ECE5CB-0276-4722-90DC-8187C3CE901B}" = protocol=17 | dir=in | app=e:\program files (x86)\guild wars 2\gw2.exe |
"{04BDC2BD-C70C-4BBE-9888-188DA4F1062A}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
"{0580DFA8-7C00-4214-AA2A-AD1D50D911EA}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{0600F10E-D467-436A-8E56-1FEEFD2CCEC3}" = protocol=17 | dir=in | app=d:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{07546486-208A-49A1-9176-486E71A3F262}" = protocol=6 | dir=in | app=d:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{0B01B837-0659-4B67-A2CF-8203C9F72DF9}" = protocol=17 | dir=in | app=e:\star wars-the old republic\launcher.exe |
"{0E2C3517-4392-4B9B-AA03-A42DD0A9C9FB}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{11EF34A2-E4AD-404D-9CE2-B59DDF35B0C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{158D7CA2-C152-4EE4-AD82-3F74D40B8242}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{17C98148-4E0C-45D8-A0F6-5C4D37DED572}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{1A032815-9C57-4A5C-B0F7-EF21EE469449}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{1CDFD587-5C1B-49F0-93AB-EBFE1FADD967}" = dir=in | app=e:\users\funur\documents\the war z\warz.exe |
"{2476E2DA-23A6-4275-8D4D-5403C0CD54B3}" = protocol=17 | dir=in | app=d:\games\battlefield 3\bf3.exe |
"{2885F3A8-EDA2-4A6D-BE73-C6AB2ACDA7C4}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{28D244DB-433A-4EAA-A250-0EE71240809C}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe |
"{28E3F91A-FF58-4105-AE2C-BB0802CBD212}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{2913B22C-3F59-49D6-814F-FEFACCD17A0F}" = protocol=6 | dir=in | app=c:\users\funur\appdata\roaming\dropbox\bin\dropbox.exe |
"{29C46C20-1C5D-4A2C-B254-1C78B17D35E4}" = protocol=6 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2.exe |
"{2C7FDC2E-320E-4C05-A417-800066967D9A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C978298-90C2-4C98-8B1A-C79403E5CB00}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{31073FFB-361A-47DB-94FF-79AEF2CDB80D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3AF2ECDF-651F-419B-9F73-A65CBF26F618}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{3D6198EA-68E7-4430-BCFC-13602C1D78B0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3DF5E087-3343-41C9-AE7A-E7C5D5324488}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{3F63BEB9-384C-4D3F-BAA0-0434E3CAE3FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4164E06F-D67B-462A-ABD3-1BA905B67786}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{41DCD882-0D20-4D5D-BD15-4CE2003AB507}" = protocol=17 | dir=in | app=e:\star wars-the old republic\swtor\retailclient\swtor.exe |
"{433AFE18-FD21-464E-8473-DEB68C28CEC0}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{43B8BD6D-62C3-4B04-BFD5-6BF02EAD7E40}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{43EF3999-3D8B-483E-8B35-69D6D98C21BF}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{49FBB596-9DF8-4E66-89CE-2E1E2B3EA088}" = protocol=17 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{4B9DB8AC-06CA-4FD4-907E-8CB68854AD68}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4C1655E9-AF8F-4384-B41E-AF7B13508FAA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4C354744-789E-415A-982C-2684BF844167}" = protocol=6 | dir=in | app=d:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{4E90EF95-2BF8-4861-8178-F549ECE54378}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{5118E9B6-07DC-4CB2-ADA3-DCAA86F4C19D}" = protocol=17 | dir=in | app=d:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{558F8C54-5FB2-4806-97B4-37C791BB32F8}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{5FF2F7D9-E04B-4B28-BB96-8EAF998BC50C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{613F4EC0-ED92-4A61-A159-86FAE6BA8442}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{632ED29B-8E3C-4E1F-AB67-616D94070A98}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{63BEB76B-5EF0-4947-9AEA-309F94A57AE4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{6F59BA03-7989-471F-B53E-14763DD08301}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{72DCD993-81B1-4D68-9232-81F841E26600}" = protocol=17 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"{766454C0-CB65-4564-B5F7-A58DC2780469}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7A11AE12-FBC3-4FDA-A980-D21BBBD5CF8B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7CE8A824-081C-4AD7-B08A-F33B0ABA0EDA}" = protocol=6 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"{8561811C-5984-42CD-8041-6D2F902D3A75}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8685E9E5-63B0-4B7C-9F4F-09707DB84F09}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{875A4DD4-D482-4916-9047-450F3BC0326E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{90EF19C1-8C3A-4616-B352-F689B7198573}" = protocol=6 | dir=in | app=e:\star wars-the old republic\launcher.exe |
"{92E7C1C5-7647-4D06-97CC-71959D870194}" = protocol=6 | dir=in | app=e:\star wars-the old republic\swtor\retailclient\swtor.exe |
"{945EC67B-0991-407A-BBC5-5E386B8626F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9617BDA5-3BAD-4C44-9304-1E11593253AA}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{9C5C7841-04A9-413F-9C6D-CAAA4180999B}" = protocol=17 | dir=in | app=c:\users\funur\appdata\roaming\dropbox\bin\dropbox.exe |
"{A0144967-C86A-4E70-B084-164EC619487A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{A0E2C2BC-C887-40DA-ACC2-B0B2976209A4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A322E6FC-4F83-43A5-B792-1D6E9DA03091}" = protocol=17 | dir=in | app=d:\program files\bohemia interactive\arma 2\arma2oa.exe |
"{A448ECE6-A2BC-4668-A7F0-D0C75787485B}" = protocol=6 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{AAA76A46-E6CD-49D9-8974-89AB1385398E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AB4F3B46-938D-41B3-949F-7B3FB792F391}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\swtor\retailclient\swtor.exe |
"{B0ABA6DD-C9C0-4E4B-9028-4038F7C94454}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B49FE07A-30C4-4658-AAD1-69AC822A8335}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{BC8B6C7A-3E4E-4E38-AAB7-E096F2A36DFD}" = protocol=6 | dir=in | app=e:\program files (x86)\guild wars 2\gw2.exe |
"{BCEFB81E-5208-48E0-9581-4F8C6373042D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{C24F3872-7750-4F33-BE58-E976382C0406}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C622331D-EAD6-4A7B-A017-0DCC5BD88A73}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft games\microsoft flight\flight.exe |
"{CCD267F3-C94D-4013-BFB3-2DEFA4C31894}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEC1D03D-773B-4AA3-ABC9-897F89A11A0E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CEE40062-4A35-4D42-A664-1E1980090E28}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D863180A-E52C-4672-A660-70876FB3A641}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D92886A6-DB7F-4F08-9FE0-89C737BD6821}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DACAD980-9CF6-4E89-BB6B-AF6443AD8CF4}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{DCF62788-ACD8-4DAF-A3CB-5D5C7E629920}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{E122339E-5828-4B13-A9A7-6253B2DAB374}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe |
"{E85010D2-E3C5-43C5-A70E-C8D6E37083F5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{EF3A83D2-DB90-4994-8312-FA595FB1A3D5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F1D56CF0-E4A9-4086-97B4-8BA2B2F2B4D5}" = protocol=6 | dir=in | app=d:\games\battlefield 3\bf3.exe |
"{F254F94E-8486-4AE5-9780-31736E263869}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{F458A749-86DB-4376-8E08-339521265792}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{F9BE2474-9502-4D2C-9A74-1F64F526F62E}" = protocol=6 | dir=in | app=d:\leistung&diagnose tools\ai suite ii\asus mobilink\iphone simulator\pnsvc.exe |
"{FA2D83C1-A428-494F-804A-7BC679CD29E6}" = dir=in | app=d:\program files (x86)\itunes\itunes.exe |
"TCP Query User{3849AAC7-89A7-453D-93F5-12D16633FD90}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{5A25143A-7EA2-4975-AF3B-429739357426}D:\program files\bin\javaw.exe" = protocol=6 | dir=in | app=d:\program files\bin\javaw.exe |
"TCP Query User{96BFD5DB-ACF4-4CC4-A2FF-85BD78449E70}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{9EFB3D9C-F078-4224-87B3-CAFACD3FF667}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A091A0B5-528B-412B-9C1A-49B4A6AEB9D0}D:\program files (x86)\dreamstream-e2\dreamstream.exe" = protocol=6 | dir=in | app=d:\program files (x86)\dreamstream-e2\dreamstream.exe |
"TCP Query User{AAA4AB77-55EC-4453-BF61-B7CB336EB130}E:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=6 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"TCP Query User{D3A7459B-4EA9-481D-B600-8EBE6CACBD4C}E:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=e:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{EC35945C-9EC0-4A5C-B2DF-9D75264450D1}E:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"TCP Query User{F7D78407-8E1C-4662-9882-CD847415E88A}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{21DF033A-2050-4B90-BB6A-3E4E1272A54E}E:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=17 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"UDP Query User{29767659-5855-4F64-AA7D-4577FD9A6BF2}D:\program files\bin\javaw.exe" = protocol=17 | dir=in | app=d:\program files\bin\javaw.exe |
"UDP Query User{3EFEEDA8-1098-4C39-B893-0FA4E8E555E8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6EBFA1C9-EAD7-4BF5-90F4-05A0595FF8CA}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{7F7910FE-4E1A-4623-BC55-724128976C1A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{803721A8-9E28-4011-8526-7C6FDB283289}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{83E94461-AF3D-4479-9A9F-710E2D7EAFA7}E:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=e:\users\public\sony online entertainment\installed games\planetside 2\planetside2.exe |
"UDP Query User{9EE7D471-97C4-4677-8546-8B6B7E33F9EC}D:\program files (x86)\dreamstream-e2\dreamstream.exe" = protocol=17 | dir=in | app=d:\program files (x86)\dreamstream-e2\dreamstream.exe |
"UDP Query User{BA0989B9-8B67-4B2B-AE6F-472A0588DF0F}E:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=e:\program files (x86)\guild wars 2\gw2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{127B5371-1802-4EDD-A25A-A43BF761D383}" = PBO Manager v.1.4 beta
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server-Connector
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 8.12
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B408139D-04D6-4464-A979-D335E48F7063}" = NaturalPoint USB Drivers x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"IvAi_is1" = IvAi v1.0.0 b150
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0214578F-4888-43FB-9E34-C14FCFDEDDEB}" = Razer Nostromo
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07CC448E-4FFC-444F-999D-10F11AE559FB}" = aerosoft's - Mallorca X for FSX
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F5E7FC8-3D49-47DA-9A51-6A8B4BE393B0}" = aerosoft's - Mega Airport Paris CDG X
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1AF39B3E-954C-4ADB-BD31-D29F653D4B22}" = PMDG744XF_GE_BRF
"{1D67FB28-58DA-4425-B426-99E894468197}" = PMDG744X_PW_IB
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}" = PMDG744X_GE_LH
"{20708FD5-E94D-4097-A21E-E28564CDBC06}" = PMDG 737 8900 NGX
"{20B3074F-F200-4A50-9231-6FE3E0CF3F05}" = PMDG744XF_GE_EKF
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2A9A269C-1C36-493C-96D8-60B23FAB2E10}" = FSC
"{2f2e6053-043c-4d69-94d0-4d42304ea4ee}" = TrackIR 5
"{2F4AF40B-433A-494E-BB41-816D113F32BA}" = aerosoft's - Mega Airport London Heathrow X
"{31C2BE56-FC30-4EC8-9E53-509252008243}" = PMDG744XF_GE_AFF
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40F75775-0940-4F2D-B43F-2BB37E51F13A}" = PMDG744X_GE_SV
"{42DCB650-F003-4535-A5CD-32AD815CD2DD}" = Play withSIX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CFCC6FD-AEA2-4208-99A6-45CBF9DFFD82}" = Real Environment Xtreme
"{4D5308D2-6B0A-4BB0-809F-AE1000028101}" = Microsoft Flight
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{520C2FC2-F39B-4B95-BDA9-3FB6BCA135BF}" = PMDG744XF_GE_XHF
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6E19AEFD-7F83-4563-A7B5-F61CABF02400}" = DayZ Commander
"{70D78DCD-8369-4857-BFEF-021C9899DA75}" = PMDG744X_GE_AF
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8233F99B-C4C2-44E9-8486-374E9B300BF2}" = aerosoft's - Mega Airport Madrid Barajas
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A3D1E45-8D8C-4FC6-A769-DF1232776190}" = PMDG744X_GE_AC
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{96E1C9EE-5109-41FA-B412-E3358626051D}" = PMDG744X_PW_NW3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C979BC5-0B86-47A1-B6C1-6057297DB61C}" = PMDG744X_RR_BA
"{9EF4E550-0D15-4047-AABF-ACD47CC3623B}" = PMDG744XF_GE_KLF
"{A1D97ADB-EFF4-4F31-B286-873F06AC6496}" = PMDG744X_GE_NH
"{ABD462F9-7436-4086-A65B-AC6360ED45FC}" = PMDG744XF_RR_CXF
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAEE0C24-C8C2-4820-9DF4-887909F1A286}" = aerosoft's - Mega Airport Frankfurt X
"{BF05DD52-4D84-474D-A7ED-F1DCAAE39E82}" = PMDG744XF_RR_CVF3
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CED6EAB9-9FFD-44B2-939A-D77905AD35F3}" = PMDG_MD11_FSX
"{D4CF23EE-B0B6-4E5F-A335-8E63F8AFAC98}" = PMDG744X_GE_KL
"{D86B0FD3-5506-4230-97E1-77303E3AC063}_is1" = Active Sky 2012
"{DBDF2E37-701F-416F-92F6-1A239C666AA3}" = Real Environment Xtreme Essential
"{E110F951-FDE7-46AF-A469-C234666E98EF}" = PMDG744XF_GE_VC25A
"{E45EC4EA-CE0C-4F1C-9DA4-908A5860CDBA}" = PMDG744XF_GE_5XF
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}" = Microsoft Flight Simulator X Service Pack 2
"{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}" = PMDG744X_PW_UA3
"{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga
"{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}" = PMDG 747-400/400F for FSX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3CA05B7-B4C0-4C9B-AAA6-16B868B35DF2}" = TrackIR5
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F77ABA68-8AC4-497E-9FFA-9CA4506B78FC}" = PMDG744XF_PW_FXF
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9217D1C-DF96-4C23-8B43-EC60B9C40CB1}" = Navigraph nDAC 3
"{F941AABE-E868-42D9-9F38-884250F7898A}" = aerosoft's - FlightSim Commander 9
"{FB647DBE-2231-405D-AC36-C73246CBE305}" = PMDG BAe JS4100
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"767CAPTAIN" = 767 Captain (767-300 Base Pack)
"845CCCCA-B77C-43EA-9A43-62DACEA4F902" = DreamStream E2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArmA 2" = ArmA 2 Uninstall
"Arma 2 Army of The Czech Republic (LITE)" = Arma 2 Army of The Czech Republic (LITE) Uninstall
"Arma 2 British Armed Forces" = Arma 2 British Armed Forces Uninstall
"ARMA 2 Operation Arrowhead" = ARMA 2 Operation Arrowhead Uninstall
"Arma 2 Private Military Company" = Arma 2 Private Military Company Uninstall
"ASIO4ALL" = ASIO4ALL
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BitTorrent" = BitTorrent
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.5.3
"Flight Environment X" = Flight Environment X
"FS Global 2010" = FS Global 2010
"FSBuild 2" = FSBuild 2
"Ground Environment X Europe" = Ground Environment X Europe
"Guild Wars 2" = Guild Wars 2
"ImgBurn" = ImgBurn
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"IvAc_is1" = IvAc v1.2.4 (b225)
"IvAe_is1" = The Eye v1.0.8 (b367)
"IvAp-v2_is1" = IvAp v2.0.2 (build 2773)
"LogMeIn Hamachi" = LogMeIn Hamachi
"MPE" = MyPhoneExplorer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.15.1748" = Opera 12.15
"Origin" = Origin
"PrecisionX" = EVGA Precision X 3.0.2
"QuteScoop 2.0rc21" = QuteScoop
"Steam App 107410" = Arma 3 Alpha
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 65800" = Dungeon Defenders
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"x772" = 777 Captain (777-200) 0.500 ========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Aerosoft Mega Airport Munich v 1.00 for FSX" = Aerosoft Mega Airport Munich v 1.00 for FSX
"Dropbox" = Dropbox
"E-Jets v2 World Airliners 1 (v1.0b021)" = E-Jets v2 World Airliners 1 (v1.0b021)
"E-Jets v2 World Airliners 2 (v1.1b024)" = E-Jets v2 World Airliners 2 (v1.1b024)
"FeelThere E-Jets v.2" = FeelThere E-Jets v.2
"Ground Environment X USA-Canada" = Ground Environment X USA-Canada
"MyFreeCodec" = MyFreeCodec
"SOE-C:/Users/FUNUR/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
"SOE-E:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2" = gamelauncher-ps2-live
"SOE-E:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta" = gamelauncher-code4344-beta
"soe-PlanetSide 2" = PlanetSide 2
"Ultimate Terrain X - Europe" = Ultimate Terrain X - Europe

========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.04.2013 08:45:42 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10.04.2013 09:42:17 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10.04.2013 12:01:56 | Computer Name = FUNUR-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\leistung&diagnose
tools\ai suite ii\asus mobilink\simulator\killproc.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.04.2013 12:39:41 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10.04.2013 13:44:43 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 11.04.2013 11:21:40 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 11.04.2013 12:38:56 | Computer Name = FUNUR-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\leistung&diagnose
tools\ai suite ii\asus mobilink\simulator\killproc.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12.04.2013 07:39:25 | Computer Name = FUNUR-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\leistung&diagnose
tools\ai suite ii\asus mobilink\simulator\killproc.exe". Die abhängige Assemblierung
"Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12.04.2013 08:23:10 | Computer Name = FUNUR-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 12.04.2013 12:27:59 | Computer Name = FUNUR-PC | Source = Application Hang | ID = 1002
Description = Programm fsx.exe, Version 10.0.61472.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1cb4 Startzeit:
01ce379a7455b14f Endzeit: 20 Anwendungspfad: D:\Program Files (x86)\Microsoft Games\Microsoft
Flight Simulator X\fsx.exe Berichts-ID: ede95744-a38d-11e2-8a47-5404a6699117
[ System Events ]
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IP-Hilfsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:26:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD AsIO AsUpIO DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
Error - 13.04.2013 03:28:37 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 13.04.2013 03:38:40 | Computer Name = FUNUR-PC | Source = DCOM | ID = 10005
Description =
Error - 13.04.2013 03:39:25 | Computer Name = FUNUR-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst
"DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
Quote:
OTL logfile created on: 13.04.2013 09:40:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = h:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 7,27 Gb Available Physical Memory | 91,16% Memory free
16,93 Gb Paging File | 16,24 Gb Available in Paging File | 95,95% Paging File free
Paging file location(s): d:\pagefile.sys 0 0e:\pagefile.sys 1000 30000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 7,34 Gb Free Space | 13,15% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 137,03 Gb Free Space | 29,42% Space Free | Partition Type: NTFS
Drive E: | 148,95 Gb Total Space | 112,85 Gb Free Space | 75,76% Space Free | Partition Type: NTFS
Drive F: | 202,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 7,46 Gb Total Space | 7,46 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
Computer Name: FUNUR-PC | User Name: FUNUR | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - [2013.04.13 09:29:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- h:\OTL.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========
SRV - [2013.03.27 21:06:23 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.03.17 12:29:42 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.20 19:13:35 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.02.10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.02.07 14:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.10 18:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.10.06 12:07:00 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.05.22 17:12:00 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.01.10 15:48:32 | 000,231,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV - [2011.01.10 15:47:54 | 000,109,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Home Server\esClient.exe -- (esClient)
SRV - [2011.01.10 15:47:42 | 000,489,840 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Home Server\WHSConnector.exe -- (WHSConnector)
SRV - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010.10.27 17:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.08 16:16:20 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.09.28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.09.19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 23:09:10 | 000,038,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npusbio_x64.sys -- (npusbio)
DRV:64bit: - [2012.05.03 12:33:28 | 000,015,768 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVVideoCardMirror.sys -- (AirDisplayMirror)
DRV:64bit: - [2012.05.03 12:33:28 | 000,015,768 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVVideoCard.sys -- (AirDisplay)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.16 13:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.01.10 15:16:57 | 000,216,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2012.01.10 15:16:57 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012.01.10 15:16:57 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2011.07.14 18:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011.04.26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.24 15:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.24 11:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.02.24 11:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.22 09:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.08 15:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010.10.27 16:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010.10.27 16:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010.10.27 16:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010.10.27 16:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010.10.27 16:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010.10.27 16:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.08.17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009.11.23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.01 12:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012.10.29 13:09:26 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.at/ [binary data]
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=hp&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 44 E2 72 28 09 CD 01 [binary data]
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=ds&q={searchTerms}&installDate={installDate}
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3159596304-311636187-174254376-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: D:\Program Files\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
[2013.03.23 19:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FUNUR\AppData\Roaming\mozilla\Extensions
[2012.05.21 16:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FUNUR\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.03.23 19:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FUNUR\AppData\Roaming\mozilla\Extensions\prism@developer.mozilla.org

========== Chrome ==========
CHR - homepage: hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=AT&userid=1f57d2d1-7b8b-44cf-b11d-81308e5ddb63&searchtype=hp&installDate=01/01/1970
CHR - Extension: No name found = C:\Users\FUNUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\
O1 HOSTS File: ([2012.07.10 19:57:58 | 000,000,895 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 113.105.152.25 www.precisionmanuals.com
O1 - Hosts: 127.0.0.1 serials.wilcopub.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS ShellProcess Execute] D:\Leistung&Diagnose Tools\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] D:\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe (Razer USA Ltd)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [] D:\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [KiesAirMessage] D:\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [KiesPreload] D:\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [NaturalPoint] E:\Program Files (x86)\NaturalPoint\TrackIR5\TrackIR5.exe (NaturalPoint, Inc.)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3159596304-311636187-174254376-1000..\Run: [TomTomHOME.exe] "D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\FUNUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\FUNUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\FUNUR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\FUNUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3159596304-311636187-174254376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3159596304-311636187-174254376-1000\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/AT/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3159596304-311636187-174254376-1000 Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3159596304-311636187-174254376-1000 Winlogon: Shell - (C:\Users\FUNUR\AppData\Roaming\skype.dat) - C:\Users\FUNUR\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.11 14:09:10 | 000,184,320 | R--- | M] () - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2001.09.10 11:36:38 | 000,000,047 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{4c745995-26ae-11e1-8719-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4c745995-26ae-11e1-8719-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{74c9118e-bc5d-11e1-bafb-5404a6699117}\Shell - "" = AutoRun
O33 - MountPoints2\{74c9118e-bc5d-11e1-bafb-5404a6699117}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{917cfb1a-3b8d-11e1-bfd4-5404a6699117}\Shell - "" = AutoRun
O33 - MountPoints2\{917cfb1a-3b8d-11e1-bfd4-5404a6699117}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{a6587cd1-2741-11e1-b582-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a6587cd1-2741-11e1-b582-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2009.01.11 14:09:10 | 000,184,320 | R--- | M] ()
O33 - MountPoints2\{b7628024-98d4-11e1-88b0-5404a6699117}\Shell - "" = AutoRun
O33 - MountPoints2\{b7628024-98d4-11e1-88b0-5404a6699117}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========
[2013.04.10 19:55:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.10 19:55:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.10 19:55:30 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 19:55:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.10 19:55:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.10 19:55:30 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 19:55:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 19:55:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.10 19:55:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.10 19:55:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 19:55:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.10 19:55:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.10 19:55:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 19:55:29 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 19:55:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.10 14:50:05 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 14:50:05 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 14:50:05 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 14:50:05 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 14:50:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 14:50:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 14:50:03 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 14:50:03 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 14:50:03 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 14:50:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 14:50:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 14:50:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.09 14:09:59 | 000,000,000 | R--D | C] -- C:\Users\FUNUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.03.27 17:21:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.23 19:38:31 | 000,000,000 | ---D | C] -- C:\Users\FUNUR\AppData\Local\Prism
[2013.03.23 19:37:54 | 000,000,000 | ---D | C] -- C:\Users\FUNUR\AppData\Roaming\prism
[2013.03.23 19:37:41 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013.03.21 19:09:20 | 000,000,000 | ---D | C] -- C:\Users\FUNUR\AppData\Local\Programs
[2013.03.21 19:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NaturalPoint
[2013.03.21 18:28:41 | 000,000,000 | ---D | C] -- C:\Users\FUNUR\Desktop\PMDG_1303
[2013.03.16 20:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.16 20:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.16 20:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2013.04.13 09:39:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.13 09:39:24 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.13 09:39:24 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.13 09:39:24 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.13 09:39:24 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.13 09:26:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.13 09:26:36 | 2129,195,007 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.13 09:23:38 | 000,000,004 | ---- | M] () -- C:\Users\FUNUR\AppData\Roaming\skype.ini
[2013.04.13 09:22:26 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2013.04.12 19:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.12 15:58:03 | 000,012,854 | ---- | M] () -- C:\Users\FUNUR\Desktop\journal-details_2013-04-12_15-58-04.pdf
[2013.04.12 15:57:53 | 000,012,822 | ---- | M] () -- C:\Users\FUNUR\Desktop\journal-details_2013-04-12_15-57-53.pdf
[2013.04.12 13:54:11 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.12 13:54:11 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.12 13:53:46 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.04.12 13:26:27 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 13:26:27 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 17:12:32 | 000,000,731 | ---- | M] () -- C:\Users\FUNUR\Desktop\IvAi - IVAO Interface.lnk
[2013.04.11 16:45:00 | 000,283,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 17:08:40 | 000,000,761 | ---- | M] () -- C:\Users\FUNUR\Desktop\IvAc - IVAO Virtual ATC Client.lnk
[2013.04.04 17:43:36 | 000,001,049 | ---- | M] () -- C:\Users\FUNUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.31 21:48:46 | 000,002,000 | -H-- | M] () -- C:\Users\FUNUR\Documents\Default.rdp
[2013.03.27 21:06:23 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.25 20:11:24 | 004,033,305 | ---- | M] () -- C:\Users\FUNUR\Desktop\swiss lips.mp3
[2013.03.21 19:08:27 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2013.03.21 18:42:39 | 000,000,801 | ---- | M] () -- C:\Users\FUNUR\Desktop\Teamspeak 2 RC2.lnk
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.03.17 12:29:42 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.17 12:29:42 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========
[2013.04.12 15:58:02 | 000,012,854 | ---- | C] () -- C:\Users\FUNUR\Desktop\journal-details_2013-04-12_15-58-04.pdf
[2013.04.12 15:57:53 | 000,012,822 | ---- | C] () -- C:\Users\FUNUR\Desktop\journal-details_2013-04-12_15-57-53.pdf
[2013.04.12 15:29:03 | 000,000,004 | ---- | C] () -- C:\Users\FUNUR\AppData\Roaming\skype.ini
[2013.04.11 17:12:32 | 000,000,731 | ---- | C] () -- C:\Users\FUNUR\Desktop\IvAi - IVAO Interface.lnk
[2013.04.10 17:08:40 | 000,000,761 | ---- | C] () -- C:\Users\FUNUR\Desktop\IvAc - IVAO Virtual ATC Client.lnk
[2013.03.27 21:02:15 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.27 21:02:15 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.27 21:01:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.25 20:11:18 | 004,033,305 | ---- | C] () -- C:\Users\FUNUR\Desktop\swiss lips.mp3
[2013.03.21 19:08:27 | 000,002,104 | ---- | C] () -- C:\Users\Public\Desktop\TrackIR v5.lnk
[2012.11.09 16:04:42 | 000,224,644 | ---- | C] () -- C:\ProgramData\1352469743.bdinstall.bin
[2012.11.09 15:47:47 | 000,663,823 | ---- | C] () -- C:\ProgramData\1352468543.bdinstall.bin
[2012.10.29 13:09:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.28 10:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.08.28 10:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.08.28 10:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.08.28 10:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.05.29 20:11:03 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\DBCDBF32.DLL
[2012.05.29 20:11:03 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\dbcmdb32.dll
[2012.05.29 20:11:03 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\dbcjpg32.dll
[2012.05.29 20:11:03 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\DBCMEM32.DLL
[2012.05.29 20:11:03 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dbcgeo32.dll
[2012.05.24 19:04:51 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\zlib1i.dll
[2012.05.12 13:37:17 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\msilgv32.dll
[2012.05.08 09:41:21 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2012.01.11 10:15:50 | 000,066,048 | ---- | C] () -- C:\Users\FUNUR\AppData\Roaming\skype.dat
[2012.01.10 19:08:42 | 000,095,636 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.12.15 19:20:02 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\IccLibDll.dll
[2011.12.15 19:17:22 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.12.15 19:17:19 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.12.15 19:06:44 | 000,039,968 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.12.15 19:05:45 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.12.15 19:05:41 | 000,027,873 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
|
Please help |