| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: CPU-Auslastung von meinem Laptop sehr hoch!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.05.2013, 13:22
| #16 |
 |  CPU-Auslastung von meinem Laptop sehr hoch! Ich habe die C:\Combofix.txt nicht gefunden.. Ich habe meinen Laptop neu gestartet und im Abgesicherten Modus mit Netzwerktreiben hochgefahren, Combofix neu gedownloadet und es ausgeführt. Dann habe ich Combofix 24 Stunden durchlaufen lassen. Als ich dann nachgeschaut habe wie weit Combofix ist, stand es immernoch auf "Bereite Logdatei vor. Starte keine anderen Programme bevor Combofix fertig ist!". Ich habe keine Ahnung warum? Gruß Kilian |
|
19.05.2013, 12:28
| #17 |
| /// Malwareteam   | CPU-Auslastung von meinem Laptop sehr hoch! Hallo
__________________dann machen wir es erstmal anders... du hast da einiges an Software auf dem System was wir erstmal deinstallieren müssen... Schritt 1 Deinstalliere bitte folgende Programme Code:
ATTFilter BrowserProtect
Ask Toolbar
Babylon Chrome Toolbar
Babylon toolbar on IE
Delta toolbar
Incredibar Toolbar on IE
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Starte bitte OTL.exe und drücke den Quick Scan Button. Poste die OTL.txt hier in deinen Thread. Teste bitte ob sich die Auslastung deines Rechners nach diesen Schritten verändert. Schritt 4: gehe bitte auf die Seite https://www.virustotal.com/de/ und wähle folgende Datei aus: Code:
ATTFilter C:\book\data\NetFramewk.exe
__________________ |
|
19.05.2013, 19:17
| #18 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Hi,
__________________ich habe die Programme deinstalliert die ich deinstallieren sollte. Hier die Logdatei von AdwCleaner: Code:
ATTFilter # AdwCleaner v2.301 - Datei am 19/05/2013 um 19:30:35 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Kilian - KILIAN-LAPTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Kilian\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : IBUpdaterService
Gestoppt & Gelöscht : Web Assistant Updater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\extensions\addon@defaulttab.com.xpi
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\browsemngr.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\search-here.xml
Datei Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchplugins\zonealarm.xml
Datei Gelöscht : C:\Windows\Tasks\AmiUpdXp.job
Ordner Gelöscht : C:\Program Files (x86)\searchresults1
Ordner Gelöscht : C:\Program Files (x86)\yourfiledownloader
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\Users\Kilian\AppData\Local\APN
Ordner Gelöscht : C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Ordner Gelöscht : C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\Kilian\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Kilian\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Kilian\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Kilian\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Kilian\AppData\LocalLow\searchresults1
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\DefaultTab
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\extensions\{94366e2c-9923-431c-b0d6-747447dd0f2b}
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\searchresults1
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Kilian\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~2\261249~1.132\{c16c1~1\browserprotect.dll
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~2\261249~1.132\{c16c1~1\browserprotect.dll
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~2\261249~1.132\{c16c1~1\browserprotect.dll
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DefaultTab
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Default Tab
Schlüssel Gelöscht : HKCU\Software\DefaultTab
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\searchresults1
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\522dadce134bd43
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Default Tab
Schlüssel Gelöscht : HKLM\Software\DefaultTab
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\522dadce134bd43
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\searchresults1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{94366E2C-9923-431C-B0D6-747447DD0F2B}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\prefs.js
C:\Users\Kilian\AppData\Roaming\Mozilla\Firefox\Profiles\l30l3p3n.default\user.js ... Gelöscht !
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "9445e8a200000000000000ff2dcb8a6f");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15658");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.817:22:04");
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.babTrack", "affID=117380&tt=4612_3");
Gelöscht : user_pref("extensions.delta.bbDpng", "14");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.hdrMd5", "D0B5D97CC2CDEDEDCA7432DE6BB2EDAC");
Gelöscht : user_pref("extensions.delta.id", "9445e8a2000000000000e64619147256");
Gelöscht : user_pref("extensions.delta.instlDay", "15834");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.16.160:01:08");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.sg", "azb");
Gelöscht : user_pref("extensions.delta.smplGrp", "azb");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.160:01:08");
Gelöscht : user_pref("extensions.wajam.affiliate_id", "3004");
Gelöscht : user_pref("extensions.wajam.firstrun", "false");
Gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21086\",\"supported_sites\":{\[...]
Gelöscht : user_pref("extensions.wajam.no_trace", "false");
Gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21086");
Gelöscht : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAM[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.ebay_product.wajam_se_js", "try {window['APP_LABEL_NAME'[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.ebay_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = '[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] =[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wa[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Gelöscht : user_pref("extensions.wajam.trace_log", "1368318482636 - processInstallationUpgrade - isFirstTimeIns[...]
Gelöscht : user_pref("extensions.wajam.unique_id", "32BF767A27A2AD49035CA4CC2B8B7291");
Gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gelöscht : user_pref("extensions.wajam.version", "1.25");
Gelöscht : user_pref("extensions.wajam.website_version", "1.00267.0");
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.2095] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE",
*************************
AdwCleaner[S1].txt - [25371 octets] - [19/05/2013 19:30:35]
########## EOF - C:\AdwCleaner[S1].txt - [25432 octets] ##########
Code:
ATTFilter OTL logfile created on: 5/19/2013 7:40:47 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kilian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: Vereinigte Staaten von Amerika | Language: ENU | Date Format: M/d/yyyy 6.99 Gb Total Physical Memory | 4.97 Gb Available Physical Memory | 71.12% Memory free 13.98 Gb Paging File | 11.58 Gb Available in Paging File | 82.81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 683.54 Gb Total Space | 332.84 Gb Free Space | 48.69% Space Free | Partition Type: NTFS Computer Name: KILIAN-LAPTOP | User Name: Kilian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Kilian\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.) PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project) PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll () MOD - C:\Program Files (x86)\Steam\SDL2.dll () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations) SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project) SRV - (FirebirdServerDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (REN2CAP_DRIVER) -- C:\Windows\SysNative\drivers\ren2cap.sys () DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC) DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{30A115AA-D9E9-407C-AF27-37E22BF29F72}: "URL" = hxxp://www.mysearchresults.com/search?&c=4001&t=10&q={searchTerms} IE - HKCU\..\SearchScopes\{3FF06EA6-BEAD-4FEE-9F6F-F51852E527D7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=74dcd875-20a9-43ac-8cdd-add0bbd549b9&apn_sauid=38A1EADB-1CC5-4F4C-9983-9607AFAA5274 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.0 FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0 FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.25 FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.9.20130409112616 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1 FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.0.8 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.startup.homepage: FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kilian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/13 20:09:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}: C:\Program Files\KeyLemon\extension\{59d42255-7f9c-49e5-8e68-a5fd16d06d76} FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/03/22 06:08:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/03/13 20:09:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M] [2012/11/14 18:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Extensions [2013/05/19 19:30:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions [2013/04/10 23:02:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013/01/10 18:43:33 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\battlefieldplay4free@ea.com [2013/02/05 18:55:32 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\info@djzig.com [2012/08/25 14:09:56 | 000,077,464 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\ciuvo-extension@billiger.de.xpi [2013/05/07 19:37:58 | 000,534,214 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013/05/08 22:27:56 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/04/12 16:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/04/12 16:53:35 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/09/23 14:41:48 | 002,557,440 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll [2012/10/23 20:43:52 | 001,623,552 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2013/01/17 02:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013/01/17 02:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/01/17 02:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013/01/17 02:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013/01/17 02:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013/01/17 02:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\npbrowserext.dll CHR - plugin: Wajam (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: New Tab for Chrome = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0\ O1 HOSTS File: ([2013/05/16 21:55:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [ISW] File not found O4:64bit: - HKLM..\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe () O4:64bit: - HKLM..\Run: [KeyLemon Updater] C:\Programme\KeyLemon\KLUpdater.exe () O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [Facebook Update] C:\Users\Kilian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [NetFramewk.exe] C:\book\data\NetFramewk.exe (Microsoft@2012) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab (DLM Control) O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll (Flatcast Viewer 5.3) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70A28DBD-5880-45F5-B091-41405292A075}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/05/19 19:39:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2013/05/18 21:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013/05/18 21:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013/05/17 14:03:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/05/16 21:55:16 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/05/16 21:38:06 | 000,000,000 | ---D | C] -- C:\ComboFix [2013/05/16 21:35:55 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe [2013/05/15 20:04:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/05/15 20:04:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/05/15 20:04:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/05/15 20:04:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/05/15 20:03:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/05/14 22:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2013/05/14 22:54:28 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Intel Corporation [2013/05/13 20:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/05/13 19:43:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Rockstar Games [2013/05/13 19:40:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2013/05/13 19:39:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2013/05/13 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Rockstar Games [2013/05/13 19:38:53 | 000,000,000 | RH-D | C] -- C:\Users\Kilian\AppData\Roaming\SecuROM [2013/05/13 19:38:52 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2013/05/13 19:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE [2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2013/05/11 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\DomeKilian [2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013/05/10 02:36:28 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013/05/09 20:38:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Avira [2013/05/09 20:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013/05/09 20:31:57 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/05/09 20:31:57 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/05/09 20:31:57 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/05/09 20:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013/05/09 20:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013/05/09 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\CheckPoint [2013/05/09 14:32:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD [2013/05/09 14:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2013/05/09 13:58:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Win-RAR Archive [2013/05/05 21:08:36 | 000,000,000 | R--D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2013/05/01 18:42:43 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV [2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptigo [2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cryptigo [2013/04/22 18:23:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Neuer Taskmanager [2013/04/21 19:51:13 | 000,000,000 | ---D | C] -- C:\Riot Games [2013/04/21 19:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1 [2013/04/21 15:34:57 | 000,000,000 | R--D | C] -- C:\Users\Kilian\Documents\Praktikum 08.04.13 - 27.04.13 [2013/04/20 17:31:12 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Zattoo [2013/04/20 17:31:03 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2013/04/20 17:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4 [2013/04/20 17:31:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zattoo4 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/05/19 19:42:51 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/19 19:42:51 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/19 19:39:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2013/05/19 19:34:07 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/05/19 19:33:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/19 19:33:25 | 1334,202,367 | -HS- | M] () -- C:\hiberfil.sys [2013/05/19 19:20:38 | 000,632,031 | ---- | M] () -- C:\Users\Kilian\Desktop\adwcleaner.exe [2013/05/19 19:13:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/05/19 18:58:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/05/19 18:52:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job [2013/05/19 17:52:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job [2013/05/19 17:00:29 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job [2013/05/18 21:16:15 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013/05/18 20:00:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job [2013/05/18 19:09:42 | 001,616,954 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/05/18 19:09:42 | 000,698,374 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/05/18 19:09:42 | 000,653,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/05/18 19:09:42 | 000,149,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/05/18 19:09:42 | 000,121,814 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/05/16 21:55:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/05/16 21:35:49 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe [2013/05/16 15:07:32 | 005,056,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/05/14 00:55:42 | 000,000,600 | ---- | M] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND [2013/05/13 19:38:52 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2013/05/13 19:15:55 | 000,057,784 | ---- | M] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip [2013/05/13 16:33:53 | 000,377,856 | ---- | M] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe [2013/05/13 16:32:11 | 000,000,168 | ---- | M] () -- C:\Users\Kilian\defogger_reenable [2013/05/13 16:30:57 | 000,050,477 | ---- | M] () -- C:\Users\Kilian\Desktop\Defogger.exe [2013/05/12 20:53:08 | 000,007,598 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg [2013/05/12 01:01:20 | 000,001,456 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2013/05/10 02:36:17 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013/05/09 20:32:42 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013/05/09 20:31:30 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/05/09 20:31:30 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/05/09 20:31:30 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/05/09 14:04:40 | 000,035,048 | ---- | M] () -- C:\Windows\temp.bmp [2013/05/04 02:05:32 | 000,017,408 | ---- | M] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db [2013/04/29 02:03:18 | 000,002,019 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg [2013/04/28 15:39:10 | 000,001,640 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg [2013/04/21 15:15:41 | 000,001,634 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk [2013/04/20 19:44:30 | 895,698,743 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013/04/20 17:31:04 | 000,001,832 | ---- | M] () -- C:\Users\Kilian\Desktop\Zattoo.lnk [2013/04/19 22:40:25 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe [2013/04/19 22:40:25 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/05/19 19:20:55 | 000,632,031 | ---- | C] () -- C:\Users\Kilian\Desktop\adwcleaner.exe [2013/05/18 21:16:15 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013/05/15 20:04:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/05/15 20:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/05/15 20:04:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/05/15 20:04:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/05/15 20:04:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/05/13 19:15:55 | 000,057,784 | ---- | C] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip [2013/05/13 16:34:00 | 000,377,856 | ---- | C] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe [2013/05/13 16:32:11 | 000,000,168 | ---- | C] () -- C:\Users\Kilian\defogger_reenable [2013/05/13 16:30:56 | 000,050,477 | ---- | C] () -- C:\Users\Kilian\Desktop\Defogger.exe [2013/05/09 20:32:42 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013/04/20 17:31:12 | 000,017,408 | ---- | C] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db [2013/04/20 17:31:04 | 000,001,832 | ---- | C] () -- C:\Users\Kilian\Desktop\Zattoo.lnk [2013/03/23 20:04:12 | 000,213,173 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\UserTile.png [2013/02/10 21:16:31 | 000,002,349 | ---- | C] () -- C:\Users\Kilian\test.php [2013/01/08 20:30:45 | 000,003,315 | ---- | C] () -- C:\Users\Kilian\AppData\Local\recently-used.xbel [2013/01/08 18:14:41 | 000,001,456 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs [2012/12/09 01:58:04 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2012/11/25 02:02:47 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen [2012/11/06 00:10:59 | 000,281,120 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/11/06 00:10:59 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/10/23 22:09:28 | 000,001,640 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg [2012/10/23 22:09:12 | 000,002,019 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg [2012/10/23 20:40:52 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe [2012/10/23 20:40:52 | 000,002,333 | ---- | C] () -- C:\Windows\unins000.dat [2012/10/23 00:19:35 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND [2012/10/22 21:45:33 | 000,007,598 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg [2012/10/13 16:35:15 | 019,143,619 | ---- | C] () -- C:\Users\Kilian\Mac_Theme_for_Windows_7___64bit_.rar [2012/10/08 21:32:19 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2012/10/01 10:44:18 | 000,005,120 | ---- | C] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/09/26 20:51:36 | 000,045,270 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\room_v3.dat [2012/09/25 18:32:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat [2012/07/10 19:25:15 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe [2012/05/07 19:12:41 | 001,591,234 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/05/07 16:23:22 | 000,000,828 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\AbsoluteReminder.xml [2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012/01/20 06:04:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012/01/20 05:55:31 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2011/11/29 09:09:23 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/11/10 04:24:46 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011/09/19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2011/09/19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/01/19 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(4C-BC-A5-88-6C-2C) [2012/08/17 19:18:45 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(64-99-5D-E8-3B-29) [2013/05/18 23:18:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.minecraft [2013/05/12 19:15:40 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.techniclauncher [2012/07/30 03:34:08 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Aeria Games & Entertainment [2012/12/09 01:58:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Atari [2012/06/10 22:10:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Audacity [2012/08/07 23:08:46 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\BANDISOFT [2012/07/07 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Bump Technologies, Inc [2012/09/07 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Canon [2013/05/09 14:32:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD [2013/05/19 19:30:50 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\CheckPoint [2012/08/07 23:54:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Cocoon Software [2012/06/22 23:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/05/24 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite [2012/09/14 23:41:21 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Deckadance19 [2012/11/02 01:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Dev-Cpp [2013/05/10 00:00:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoft [2013/01/31 01:41:18 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileSwap2 [2013/05/14 21:58:55 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileZilla [2012/10/07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\GarenaPlus [2013/04/20 04:22:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Hear [2012/07/30 23:27:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ijjigame [2013/04/13 02:28:32 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\KeePass [2012/12/09 01:57:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Leadertech [2012/10/23 18:28:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\logs [2012/11/05 21:19:27 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\LolClient [2012/11/14 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Luxand [2012/06/10 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Need for Speed World [2012/05/08 19:21:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++ [2013/01/05 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Origin [2012/06/23 02:39:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\PDAppFlex [2013/03/12 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Play withSIX [2012/10/26 12:56:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ProtectDisc [2012/11/04 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screaming Bee [2012/05/07 16:24:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screensaver [2013/01/11 23:23:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skate's Thumbnail Tool [2012/11/25 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skynet [2012/05/07 21:04:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SoftGrid Client [2012/11/23 23:46:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SongManager [2013/04/21 14:50:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Spotify [2013/01/08 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/10/13 17:40:58 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Stardock [2013/04/10 19:00:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Synthesia [2013/05/12 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeamViewer [2012/11/18 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TechSmith [2013/05/15 20:18:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\temp [2012/08/28 17:43:10 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird [2012/05/07 19:13:33 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TP [2013/05/19 02:22:34 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TS3Client [2013/03/20 02:55:29 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay [2012/11/03 01:15:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay_hook_win64 [2012/09/26 22:03:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Tunngle [2012/09/11 20:11:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Unity [2013/01/11 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\VisioForge [2012/11/03 19:58:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\YaTQA ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:08948D52 < End of report > Ich habe die NetFramewk.exe nicht.. Gruß Kilian PS: Danke schonmal für die kleine Leistungssteigerung! |
|
20.05.2013, 21:24
| #19 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! die Datei muss da sein... sonst würde OTL sie nicht sehen  bitte arbeite die Anleitung genau ab... Schritt 1 Bitte gehe zu Virustotal und lass dort folgendermassen eine Datei überprüfen:
|
|
20.05.2013, 22:59
| #20 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Hier der link: https://www.virustotal.com/de/file/34de6d2f03de4decf6be47a9f1c141d0c6d7099c3ac293b82d4bcd17e269dbca/analysis/1369087081/ MfG Kilian |
|
21.05.2013, 13:09
| #21 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! Hallo Mystrix847 Die Datei ist soweit unauffällig, jetzt suchen wir mal etwas tiefer. Du hast da eine Menge an Software auf dem Rechner, brauchst du das alles? Schritt 1 Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> CPU-Auslastung von meinem Laptop sehr hoch! |
|
22.05.2013, 21:23
| #22 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Ich brauche nicht alles.. Aber ab und zu brauch ich das ein oder andere doch schon einmal.. Malwarebytes Anti-Rootkit hat keine Malware gefunden! Hier die Logfile: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.22.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Kilian :: KILIAN-LAPTOP [administrator]
5/22/2013 9:27:43 PM
mbar-log-2013-05-22 (21-27-43).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 32394
Time elapsed: 25 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
23.05.2013, 16:01
| #23 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! Hallo Kilian, wie sieht es aktuell mit der Prozessorauslastung aus? immer noch erhöht wenn du WLAN startest, beobachte doch mal welcher Systemprozess sich beim Einschalten des WLAN erhöht. Schritt 1: Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 2: Downloade dir bitte Farbar's Service Scanner
<Dienstname> und klicke auf Export Service. Poste bitte die FSS.txt in deiner nächsten Antwort. Schritt 3: Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
Schritt 4: Starte bitte OTL.exe setze den Haken bei "Scanne alle Benutzer" und drücke den Quick Scan Button. Poste die OTL.txt hier in deinen Thread. Teste bitte ob sich die Auslastung deines Rechners nach diesen Schritten verändert. |
|
25.05.2013, 12:16
| #24 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Hi, Das ist nicht genau festzustellen, daher alle Prozesse so schnell die CPU-Leistung verändern, dass ich nicht feststellen kann welcher beim Einschalten des WLAN die Leistung erhöht. Die Logfile von JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kilian on Fri 05/24/2013 at 19:37:36.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-2551311250-958237084-932551016-1000\software\web assistant"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{30A115AA-D9E9-407C-AF27-37E22BF29F72}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3FF06EA6-BEAD-4FEE-9F6F-F51852E527D7}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Kilian\appdata\locallow\bcool"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bcool"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{00B723E0-BC34-4CAA-A13C-70AE320E7420}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{14DD6627-BD63-4387-B0B1-7AF1F4C4B9C4}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{1916961D-18EA-41B6-86EF-53731E89AF2F}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{1AA38E48-AFD3-4878-BBAC-EEB6674132B2}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{23CE1FE0-0FD8-4371-B6F6-223847FC001C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{27A16F27-12A7-43AA-853A-EA24CA8EC22B}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2A9711B0-D2DD-4DFA-BCC0-A681600D3762}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2A9F0FE7-D595-41B1-8157-DC59832466DF}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2ED2F99D-AE59-4F29-82EF-02757E717CA2}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{39360E6D-CD70-4D1E-9B20-DE78F2901F8C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{39CB41EE-137F-4F90-B342-DAFCFD721333}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{481F03BB-A5B8-4C91-8F10-4DBB3F16FE1C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{4AAD255D-AD85-4315-A955-A8669A73A537}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{4CAFA4A9-7990-4076-A758-8C9BF4373BE1}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{569E7D32-78C4-41F6-9C79-B157E90BBCD5}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{66712223-8E15-4B31-BEF4-80757AA68950}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{6AD6C01B-3501-47C4-99ED-BEE22BA09FD0}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7C1CADA2-259C-4E51-8E22-8900BF7873F7}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7D43BA41-538B-436F-A417-8AEA094C2EA3}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7F1CBF3D-FE45-4268-8FAA-55D76068FB52}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{89D02899-F580-453A-A6CA-1FE899227CC4}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{9484E98A-2D6E-4495-9F29-7B62B23AAF40}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{B01CBB80-1BF0-4864-B438-A8C7F2435D84}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{B0AECA04-2FAC-4CCC-A8E3-31989D5D0455}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{BACC4AAF-73B4-41F3-8498-040E5916B598}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{CCA2BDA2-75DE-4FBB-BB4E-3682AB985476}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{DBD9B150-2162-4475-B2AC-0C16F5E096E6}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{ED356FB1-02FD-4A16-AF35-928E91CB256A}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{EEC93E70-B546-43CD-83CC-F7B439A6834A}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{F8FFB4B7-9023-45D2-BF04-FED1AA83448F}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{F9D4B06A-0BB7-4F86-A73D-4A1003B07326}
~~~ FireFox
Successfully deleted: [File] C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\invalidprefs.js
Successfully deleted the following from C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\prefs.js
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://www.mysearchresults.com/search|||8641353192882446");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www.mysearchresults.com/search?ei=utf-8&c=4001&t=10&q=MfG/|#|old_value|||86413531940739
Emptied folder: C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\minidumps [101 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Kilian\appdata\local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/24/2013 at 19:42:53.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Farbar Service Scanner Version: 14-04-2013
Ran by Kilian (administrator) on 24-05-2013 at 19:47:03
Running from "C:\Users\Kilian\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Code:
ATTFilter Note: The export is in "Windows Registry Editor Version 5.00" format.
================== Result for "<Dienstname>" ==================
================== End Of Export =============
Code:
ATTFilter MiniToolBox by Farbar Version:21-04-2013
Ran by Kilian (administrator) on 24-05-2013 at 19:48:44
Running from "C:\Users\Kilian\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.type", 0
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected)
Hamachi Network Interface = Hamachi (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = LAN-Verbindung (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 2 (Media disconnected)
# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4
reset
set global
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=5.35.173.112 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.52.1 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.131.1 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.178.43 metric=1 publish=Ja
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Ja
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="LAN-Verbindung* 15-WFP LightWeight Filter-0000" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.131.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.52.1 mask=255.255.255.0
popd
# Ende der IPv4-Konfiguration
Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : Kilian-Laptop
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : fritz.box
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physikalische Adresse . . . . . . : E6-46-19-14-72-56
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Ethernet-Adapter Tunngle:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physikalische Adresse . . . . . . : 00-FF-2D-CB-8A-6F
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physikalische Adresse . . . . . . : C4-46-19-14-72-56
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::13f:5471:cea2:a275%12(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.178.43(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Friday, May 24, 2013 7:13:38 PM
Lease l„uft ab. . . . . . . . . . : Monday, June 03, 2013 7:13:41 PM
Standardgateway . . . . . . . . . : 192.168.178.1
DHCP-Server . . . . . . . . . . . : 192.168.178.1
DHCPv6-IAID . . . . . . . . . . . : 398738969
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : 192.168.178.1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physikalische Adresse . . . . . . : DC-0E-A1-2A-4C-B7
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Hamachi Network Interface
Physikalische Adresse . . . . . . : 7A-79-19-23-AD-70
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2620:9b::1923:ad70(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::f181:7647:95b8:4e5d%16(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 25.35.173.112(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.0.0.0
Lease erhalten. . . . . . . . . . : Friday, May 24, 2013 7:13:29 PM
Lease l„uft ab. . . . . . . . . . : Saturday, May 24, 2014 7:15:35 PM
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
DHCP-Server . . . . . . . . . . . : 25.0.0.1
DHCPv6-IAID . . . . . . . . . . . : 461011218
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VMware Network Adapter VMnet1:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physikalische Adresse . . . . . . : 00-50-56-C0-00-01
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::c8cc:471a:e89a:5818%17(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.52.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 570445910
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VMware Network Adapter VMnet8:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physikalische Adresse . . . . . . : 00-50-56-C0-00-08
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::5d14:53ab:e15d:cc36%18(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.131.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 604000342
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VirtualBox Host-Only Network:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physikalische Adresse . . . . . . : 08-00-27-00-BC-B2
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::8d5e:3688:4976:e388%28(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.56.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 839385127
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Tunneladapter isatap.fritz.box:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{EDEDC314-17A2-4118-AE72-5828771907ED}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{02554915-0FBE-4626-93F6-B2DEED71CCF7}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #3
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{497E7E3A-460A-4B35-8C1B-AD926703DF6A}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #4
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{2DCB8A6F-81ED-45E1-B560-0A28B73CAC39}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #5
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter Teredo Tunneling Pseudo-Interface:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{B4BD5B0A-91FA-4EED-BA32-C6C8ABB23E0D}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #6
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{B3CAD59D-E119-4692-9BBD-09CEB9A2056D}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #9
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Server: fritz.box
Address: 192.168.178.1
Name: google.com
Addresses: 2a00:1450:4001:c02::8b
173.194.70.101
173.194.70.100
173.194.70.113
173.194.70.102
173.194.70.139
173.194.70.138
Ping wird ausgefhrt fr google.com [173.194.70.101] mit 32 Bytes Daten:
Antwort von 173.194.70.101: Bytes=32 Zeit=24ms TTL=50
Antwort von 173.194.70.101: Bytes=32 Zeit=24ms TTL=50
Ping-Statistik fr 173.194.70.101:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 24ms, Maximum = 24ms, Mittelwert = 24ms
Server: fritz.box
Address: 192.168.178.1
Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24
Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=368ms TTL=49
Antwort von 206.190.36.45: Bytes=32 Zeit=411ms TTL=49
Ping-Statistik fr 206.190.36.45:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 368ms, Maximum = 411ms, Mittelwert = 389ms
Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Ping-Statistik fr 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
20...e6 46 19 14 72 56 ......Microsoft Virtual WiFi Miniport Adapter
19...00 ff 2d cb 8a 6f ......TAP-Win32 Adapter V9 (Tunngle)
12...c4 46 19 14 72 56 ......Atheros AR5B97 Wireless Network Adapter
11...dc 0e a1 2a 4c b7 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
16...7a 79 19 23 ad 70 ......Hamachi Network Interface
17...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
18...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
28...08 00 27 00 bc b2 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
35...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
22...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
30...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #3
31...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #4
34...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #5
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
32...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #6
29...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #9
===========================================================================
IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 25.0.0.1 25.35.173.112 9256
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.43 25
25.0.0.0 255.0.0.0 Auf Verbindung 25.35.173.112 9256
25.35.173.112 255.255.255.255 Auf Verbindung 25.35.173.112 9256
25.255.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.131.1 21
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.52.1 21
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.178.43 26
169.254.0.0 255.255.0.0 Auf Verbindung 25.35.173.112 9256
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.56.1 9256
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
169.254.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.52.0 255.255.255.0 Auf Verbindung 192.168.52.1 276
192.168.52.1 255.255.255.255 Auf Verbindung 192.168.52.1 276
192.168.52.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
192.168.56.0 255.255.255.0 Auf Verbindung 192.168.56.1 276
192.168.56.1 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.56.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.131.0 255.255.255.0 Auf Verbindung 192.168.131.1 276
192.168.131.1 255.255.255.255 Auf Verbindung 192.168.131.1 276
192.168.131.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.43 281
192.168.178.43 255.255.255.255 Auf Verbindung 192.168.178.43 281
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.56.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 25.35.173.112 9256
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.52.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.131.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.43 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
===========================================================================
Ständige Routen:
Netzwerkadresse Netzmaske Gatewayadresse Metrik
169.254.0.0 255.255.0.0 5.35.173.112 1
169.254.0.0 255.255.0.0 192.168.52.1 1
169.254.0.0 255.255.0.0 192.168.131.1 1
169.254.0.0 255.255.0.0 192.168.178.43 1
0.0.0.0 0.0.0.0 25.0.0.1 Standard
===========================================================================
IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
16 9020 ::/0 2620:9b::1900:1
1 306 ::1/128 Auf Verbindung
16 276 2620:9b::/96 Auf Verbindung
16 276 2620:9b::1923:ad70/128 Auf Verbindung
28 276 fe80::/64 Auf Verbindung
16 276 fe80::/64 Auf Verbindung
17 276 fe80::/64 Auf Verbindung
18 276 fe80::/64 Auf Verbindung
12 281 fe80::/64 Auf Verbindung
12 281 fe80::13f:5471:cea2:a275/128
Auf Verbindung
18 276 fe80::5d14:53ab:e15d:cc36/128
Auf Verbindung
28 276 fe80::8d5e:3688:4976:e388/128
Auf Verbindung
17 276 fe80::c8cc:471a:e89a:5818/128
Auf Verbindung
16 276 fe80::f181:7647:95b8:4e5d/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
28 276 ff00::/8 Auf Verbindung
16 276 ff00::/8 Auf Verbindung
17 276 ff00::/8 Auf Verbindung
18 276 ff00::/8 Auf Verbindung
12 281 ff00::/8 Auf Verbindung
===========================================================================
Ständige Routen:
If Metrik Netzwerkziel Gateway
0 4294967295 2620:9b::/96 Auf Verbindung
0 9000 ::/0 2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-05-16 21:54:48.905
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.859
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.796
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.749
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.986
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.939
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.908
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.861
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 20:17:51.707
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 20:17:51.660
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
=========================== Installed Programs ============================
Update for Microsoft Office 2007 (KB2508958)
???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.5.3501.00)
Acer ePower Management (Version: 6.00.3007)
Acer eRecovery Management (Version: 5.00.3502)
Acer Registration (Version: 1.04.3502)
Acer ScreenSaver (Version: 1.1.0913.2011)
Acer Updater (Version: 1.02.3502)
Acer VCM (Version: 4.05.3501)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.6)
Adobe AIR (Version: 3.3.0.3670)
Adobe CS6 Design and Web Premium (Version: 6)
Adobe Download Assistant (Version: 1.2.3)
Adobe Dreamweaver CS6 (Version: 12)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.0) MUI (Version: 10.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Adobe® Content Viewer (Version: 2.8.0)
Aeria Ignite (Version: 1.10.1721)
Akamai NetSession Interface
Alien Swarm
Alliance of Valiant Arms
Altova StyleVision® 2012 rel. 2 sp1 Enterprise Edition (Version: 2012.02.01)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Media Foundation Decoders (Version: 1.0.61110.0316)
ApnStub
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
applicationupdater
ARMA 2 Dedicated Server
Arma 2: Operation Arrowhead - Dedicated Server
ARMA 2: Operation Arrowhead Beta
ASIO4ALL (Version: 2.10)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Avira Free Antivirus (Version: 13.0.0.3640)
Backup Manager V3 (Version: 3.0.0.99)
Bandisoft MPEG-1 Decoder
Banner Maker Pro Version 9
Battlefield Play4Free
BattlEye for OA Uninstall
BlackShot
Bluetooth Win7 Suite (64) (Version: 7.4.0.96)
Bonjour (Version: 3.0.0.10)
Brick-Force (Version: )
BumpTop (Version: 2.1.6211)
Call of Duty Modern Warfare 2
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Modern Warfare 3 - Dedicated Server
Camtasia Studio 7 (Version: 7.1.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG5300 series Benutzerregistrierung
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1110.331.6214)
Catalyst Control Center Localization All (Version: 2011.1110.331.6214)
CCC Help Chinese Standard (Version: 2011.1110.0330.6214)
CCC Help Chinese Traditional (Version: 2011.1110.0330.6214)
CCC Help Czech (Version: 2011.1110.0330.6214)
CCC Help Danish (Version: 2011.1110.0330.6214)
CCC Help Dutch (Version: 2011.1110.0330.6214)
CCC Help English (Version: 2011.1110.0330.6214)
CCC Help Finnish (Version: 2011.1110.0330.6214)
CCC Help French (Version: 2011.1110.0330.6214)
CCC Help German (Version: 2011.1110.0330.6214)
CCC Help Greek (Version: 2011.1110.0330.6214)
CCC Help Hungarian (Version: 2011.1110.0330.6214)
CCC Help Italian (Version: 2011.1110.0330.6214)
CCC Help Japanese (Version: 2011.1110.0330.6214)
CCC Help Korean (Version: 2011.1110.0330.6214)
CCC Help Norwegian (Version: 2011.1110.0330.6214)
CCC Help Polish (Version: 2011.1110.0330.6214)
CCC Help Portuguese (Version: 2011.1110.0330.6214)
CCC Help Russian (Version: 2011.1110.0330.6214)
CCC Help Spanish (Version: 2011.1110.0330.6214)
CCC Help Swedish (Version: 2011.1110.0330.6214)
CCC Help Thai (Version: 2011.1110.0330.6214)
CCC Help Turkish (Version: 2011.1110.0330.6214)
ccc-utility64 (Version: 2011.1110.331.6214)
CCleaner (Version: 4.00)
Cheat Engine 6.1
Cobra 11 - Burning Wheels (remove only)
Combat Arms EU
Core Temp 1.0 RC3 (Version: 1.0)
Corel WinDVD (Version: 10.0.5.899)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.46.1.0327)
DayZ Commander (Version: 0.9.107)
Dev-C++ 5 beta 9 release (4.9.9.2)
eBay Worldwide (Version: 2.2.0409)
ETDWare PS/2-X64 8.0.6.2_WHQL (Version: 8.0.6.2)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
File Shredder 2.5
FileSwap Client (Version: 2.13.1)
FileZilla Client 3.7.0.1 (Version: 3.7.0.1)
Firebird 2.5.0.26074 (Win32) (Version: 2.5.0.26074)
FL Studio 10
Flatcast Producer Plugin 5.3.0.784
FormatFactory 2.95 (Version: 2.95)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Fraps (remove only)
Free Video Call Recorder for Skype version 1.0.2.115 (Version: 1.0.2.115)
Free YouTube Download version 3.2.0.128 (Version: 3.2.0.128)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
Gadwin PrintScreen (Version: 4.7)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
gamelauncher-ps2-psg
Ghost Recon Online (Version: 1.30.8665.2)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 26.0.1410.64)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Talk Plugin (Version: 3.19.1.13088)
Google Update Helper (Version: 1.3.21.145)
Grand Theft Auto IV
Grand Theft Auto San Andreas (Version: 1.00.00001)
Half-Life 2: Deathmatch
HeadStrong WebClicker v2.56 (Version: 2.56)
Hear
Heat Online
HydraVision (Version: 4.2.248.0)
Identity Card (Version: 1.00.3501)
IL Download Manager
Install Absolute Data Protect (Version: 1.0.0.42)
Intel(R) Management Engine Components (Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 11.0.3.42)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyLemon (Version: 2.7.1)
Landwirtschafts Simulator 2013 (Version: 1.0)
Launch Manager (Version: 6.0.7)
League of Legends (Version: 1.3)
Left 4 Dead 2
Left 4 Dead 2 Authoring Tools
Left 4 Dead 2 Dedicated Server
Left 4 Dead Dedicated Server
LogMeIn Hamachi (Version: 2.1.0.362)
MAESTIA Version 201201 (Version: 201201)
Mafia II
Medicopter 4 deinstallieren (Version: Medicopter4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.1.99.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Mozilla Thunderbird 17.0.3 (x86 de) (Version: 17.0.3)
MSI to redistribute MS VS2005 CRT libraries (Version: 8.0.50727.42)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Need For Speed™ World (Version: 1.0.0.936)
Nero 12 (Version: 12.0.02000)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.0.2001)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.14300)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Burning ROM (Version: 12.0.20000)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15200)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.18100)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.20000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.18200)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode (Version: 12.0.24000)
Nero Recode Help (CHM) (Version: 12.0.4000)
Nero RescueAgent (Version: 12.0.9000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.0.3000)
Nero Video Help (CHM) (Version: 12.0.4000)
newsXpresso (Version: 1.0.0.40)
Nexon Game Manager
No-IP DUC (Version: 4.0.1)
Norton Online Backup (Version: 2.1.17869)
Notepad++ (Version: 6.1.2)
NTI Media Maker 9 (Version: 9.0.2.8942)
NVIDIA PhysX (Version: 9.10.0513)
ObjectDock Free (Version: 2.0)
Oracle VM VirtualBox 4.2.12 (Version: 4.2.12)
Origin (Version: 9.1.3.2637)
Pando Media Booster (Version: 2.6.0.8)
PCSX2 - Playstation 2 Emulator
PDF Settings CS6 (Version: 11.0)
PlanetSide 2 (Version: 1.0.3.183)
Play withSIX (Version: 1.30.0450)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
Prerequisite installer (Version: 12.0.0002)
ProtectDisc Driver, Version 11 (Version: 11.0.0.11)
PunkBuster Services (Version: 0.990)
PX Profile Update (Version: 1.00.1.)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Razer Game Booster (Version: 3.5.6.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6318)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30123)
reFX Nexus VSTi RTAS v2.2.0
RocketDock 1.3.5
RollerCoaster Tycoon 3
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
SAM Broadcaster v4 (Version: v4)
skate's Thumbnail Tool Version 1.1.2 (Version: 1.1.2)
Skype™ 6.3 (Version: 6.3.105)
Source SDK Base 2007
Speccy (Version: 1.20)
Spotify (Version: 0.9.0.128.g3134f863)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synthesia (Version: 8.5)
T4E Player
TeamSpeak 3 Client (Version: 3.0.10.1)
TeamViewer 8 (Version: 8.0.18051)
The War Z version alpha (Version: alpha)
theHunter (remove only)
Tom Clancy's Splinter Cell Conviction (Version: 1.04.000)
Tunngle beta
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Ubisoft Game Launcher (Version: 1.0.0.0)
UE3Redist (Version: 1.00.0000)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
USB Joystick (Version: 1.00.0000)
Virtual Audio Cable 4.10
VirtualDJ PRO Full (Version: 7.0.4)
VLC media player 2.0.1 (Version: 2.0.1)
VMware Player (Version: 4.0.4.30409)
War Inc Battlezone version 1.0.0 (Version: 1.0.0)
Warframe
Welcome App (Start-up experience) (Version: 12.0.14000)
Welcome Center (Version: 1.02.3504)
Winamp (Version: 5.623 )
Winamp Erkennungs-Plug-in (Version: 1.0.0.1)
Windows 7 Logon Background Changer (Version: 1.5.2)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Windows Speech Recognition Macros (Version: 1.0.6862.19)
WinRAR
Zattoo4 4.0.5 (Version: 4.0.5)
Zeta Producer 11 11.0.4 (nur entfernen) (Version: 11.0.4)
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 7157.86 MB
Available physical RAM: 4986.82 MB
Total Pagefile: 14313.9 MB
Available Pagefile: 11707.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.53 MB
========================= Partitions: =====================================
1 Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:325.19 GB) NTFS
========================= Users: ========================================
Benutzerkonten fr \\KILIAN-LAPTOP
Administrator Gast Kilian
Test123
Der Befehl wurde erfolgreich ausgefhrt.
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
Code:
ATTFilter OTL logfile created on: 5/24/2013 7:50:47 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kilian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Vereinigte Staaten von Amerika | Language: ENU | Date Format: M/d/yyyy
6.99 Gb Total Physical Memory | 4.85 Gb Available Physical Memory | 69.43% Memory free
13.98 Gb Paging File | 11.40 Gb Available in Paging File | 81.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.54 Gb Total Space | 325.18 Gb Free Space | 47.57% Space Free | Partition Type: NTFS
Computer Name: KILIAN-LAPTOP | User Name: Kilian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Kilian\Desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
SRV - (FirebirdServerDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (REN2CAP_DRIVER) -- C:\Windows\SysNative\drivers\ren2cap.sys ()
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.6.0.20130418072822
FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.0.8
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kilian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/13 20:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}: C:\Program Files\KeyLemon\extension\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/03/22 06:08:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/03/13 20:09:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M]
[2012/11/14 18:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Extensions
[2013/05/20 04:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions
[2013/05/20 04:18:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/01/10 18:43:33 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\battlefieldplay4free@ea.com
[2013/02/05 18:55:32 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\info@djzig.com
[2012/08/25 14:09:56 | 000,077,464 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\ciuvo-extension@billiger.de.xpi
[2013/05/07 19:37:58 | 000,534,214 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/08 22:27:56 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/12 16:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/12 16:53:35 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/23 14:41:48 | 002,557,440 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll
[2012/10/23 20:43:52 | 001,623,552 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll
[2013/01/17 02:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/17 02:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/17 02:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/01/17 02:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/01/17 02:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/01/17 02:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\npbrowserext.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: New Tab for Chrome = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0\
O1 HOSTS File: ([2013/05/16 21:55:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [ISW] File not found
O4:64bit: - HKLM..\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe ()
O4:64bit: - HKLM..\Run: [KeyLemon Updater] C:\Programme\KeyLemon\KLUpdater.exe ()
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Akamai NetSession Interface] C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Facebook Update] C:\Users\Kilian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [NetFramewk.exe] C:\book\data\NetFramewk.exe (Microsoft@2012)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab (DLM Control)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll (Flatcast Viewer 5.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70A28DBD-5880-45F5-B091-41405292A075}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/24 19:50:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL (2).exe
[2013/05/24 19:47:48 | 000,760,723 | ---- | C] (Farbar) -- C:\Users\Kilian\Desktop\MiniToolBox.exe
[2013/05/24 19:43:55 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Kilian\Desktop\FSS.exe
[2013/05/24 19:37:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/05/24 19:37:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/24 19:36:31 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Kilian\Desktop\JRT.exe
[2013/05/23 21:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/23 21:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/05/22 21:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/05/21 16:10:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\mbar
[2013/05/18 21:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/18 21:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/05/17 14:03:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/16 21:55:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/16 21:38:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/05/16 21:35:55 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe
[2013/05/15 20:04:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/15 20:04:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/15 20:04:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/15 20:04:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/15 20:03:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/14 22:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013/05/14 22:54:28 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Intel Corporation
[2013/05/13 20:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/05/13 19:43:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Rockstar Games
[2013/05/13 19:40:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/05/13 19:39:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/05/13 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Rockstar Games
[2013/05/13 19:38:53 | 000,000,000 | RH-D | C] -- C:\Users\Kilian\AppData\Roaming\SecuROM
[2013/05/13 19:38:52 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/05/13 19:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013/05/11 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\DomeKilian
[2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/05/10 02:36:28 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/05/09 20:38:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Avira
[2013/05/09 20:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/05/09 20:31:57 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/05/09 20:31:57 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/05/09 20:31:57 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/05/09 20:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/05/09 20:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/05/09 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\CheckPoint
[2013/05/09 14:32:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD
[2013/05/09 14:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013/05/09 13:58:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Win-RAR Archive
[2013/05/01 18:42:43 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptigo
[2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cryptigo
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/24 19:52:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job
[2013/05/24 19:50:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL (2).exe
[2013/05/24 19:47:45 | 000,760,723 | ---- | M] (Farbar) -- C:\Users\Kilian\Desktop\MiniToolBox.exe
[2013/05/24 19:43:53 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Kilian\Desktop\FSS.exe
[2013/05/24 19:36:28 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Kilian\Desktop\JRT.exe
[2013/05/24 19:30:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 19:21:02 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 19:21:02 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 19:18:11 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/24 19:18:11 | 000,699,666 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/05/24 19:18:11 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/24 19:18:11 | 000,149,774 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/05/24 19:18:11 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/24 19:13:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/24 19:13:19 | 1334,202,367 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/23 23:13:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/23 23:10:56 | 000,005,632 | ---- | M] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/23 23:00:31 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job
[2013/05/23 22:58:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/22 20:00:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job
[2013/05/21 22:56:46 | 001,594,892 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/21 22:37:08 | 000,000,600 | ---- | M] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND
[2013/05/21 17:52:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job
[2013/05/19 19:20:38 | 000,632,031 | ---- | M] () -- C:\Users\Kilian\Desktop\adwcleaner.exe
[2013/05/18 21:16:15 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/16 21:55:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/16 21:35:49 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe
[2013/05/16 15:07:32 | 005,056,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/13 19:38:52 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/05/13 19:15:55 | 000,057,784 | ---- | M] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip
[2013/05/13 16:33:53 | 000,377,856 | ---- | M] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe
[2013/05/13 16:32:11 | 000,000,168 | ---- | M] () -- C:\Users\Kilian\defogger_reenable
[2013/05/13 16:30:57 | 000,050,477 | ---- | M] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2013/05/12 20:53:08 | 000,007,598 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2013/05/12 01:01:20 | 000,001,456 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013/05/10 02:36:17 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/09 20:32:42 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/05/09 20:31:30 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/05/09 20:31:30 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/05/09 20:31:30 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/05/09 14:04:40 | 000,035,048 | ---- | M] () -- C:\Windows\temp.bmp
[2013/05/04 02:05:32 | 000,017,408 | ---- | M] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db
[2013/04/29 02:03:18 | 000,002,019 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg
[2013/04/28 15:39:10 | 000,001,640 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/19 19:20:55 | 000,632,031 | ---- | C] () -- C:\Users\Kilian\Desktop\adwcleaner.exe
[2013/05/18 21:16:15 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/15 20:04:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/15 20:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/15 20:04:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/15 20:04:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/15 20:04:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/13 19:15:55 | 000,057,784 | ---- | C] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip
[2013/05/13 16:34:00 | 000,377,856 | ---- | C] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe
[2013/05/13 16:32:11 | 000,000,168 | ---- | C] () -- C:\Users\Kilian\defogger_reenable
[2013/05/13 16:30:56 | 000,050,477 | ---- | C] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2013/05/09 20:32:42 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/04/20 17:31:12 | 000,017,408 | ---- | C] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db
[2013/03/23 20:04:12 | 000,213,173 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\UserTile.png
[2013/02/10 21:16:31 | 000,002,349 | ---- | C] () -- C:\Users\Kilian\test.php
[2013/01/08 20:30:45 | 000,003,315 | ---- | C] () -- C:\Users\Kilian\AppData\Local\recently-used.xbel
[2013/01/08 18:14:41 | 000,001,456 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2012/12/09 01:58:04 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/11/25 02:02:47 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012/11/06 00:10:59 | 000,281,120 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/11/06 00:10:59 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/10/23 22:09:28 | 000,001,640 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg
[2012/10/23 22:09:12 | 000,002,019 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg
[2012/10/23 20:40:52 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2012/10/23 20:40:52 | 000,002,333 | ---- | C] () -- C:\Windows\unins000.dat
[2012/10/23 00:19:35 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND
[2012/10/22 21:45:33 | 000,007,598 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2012/10/13 16:35:15 | 019,143,619 | ---- | C] () -- C:\Users\Kilian\Mac_Theme_for_Windows_7___64bit_.rar
[2012/10/08 21:32:19 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012/10/01 10:44:18 | 000,005,632 | ---- | C] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/26 20:51:36 | 000,045,270 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\room_v3.dat
[2012/09/25 18:32:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/07/10 19:25:15 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2012/05/07 19:12:41 | 001,594,892 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/07 16:23:22 | 000,000,828 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\AbsoluteReminder.xml
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/20 06:04:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/01/20 05:55:31 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/11/29 09:09:23 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/11/10 04:24:46 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/09/19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/09/19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/19 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(4C-BC-A5-88-6C-2C)
[2012/08/17 19:18:45 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(64-99-5D-E8-3B-29)
[2013/05/19 21:33:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.minecraft
[2013/05/12 19:15:40 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.techniclauncher
[2012/07/30 03:34:08 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Aeria Games & Entertainment
[2012/12/09 01:58:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Atari
[2012/06/10 22:10:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Audacity
[2012/08/07 23:08:46 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\BANDISOFT
[2012/07/07 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Bump Technologies, Inc
[2012/09/07 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Canon
[2013/05/09 14:32:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD
[2013/05/19 19:30:50 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\CheckPoint
[2012/08/07 23:54:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Cocoon Software
[2012/06/22 23:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/24 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite
[2012/09/14 23:41:21 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Deckadance19
[2012/11/02 01:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Dev-Cpp
[2013/05/10 00:00:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoft
[2013/01/31 01:41:18 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileSwap2
[2013/05/20 14:56:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileZilla
[2012/10/07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\GarenaPlus
[2013/04/20 04:22:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Hear
[2012/07/30 23:27:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ijjigame
[2013/04/13 02:28:32 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\KeePass
[2012/12/09 01:57:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Leadertech
[2012/10/23 18:28:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\logs
[2012/11/05 21:19:27 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\LolClient
[2012/11/14 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Luxand
[2012/06/10 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Need for Speed World
[2012/05/08 19:21:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++
[2013/01/05 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Origin
[2012/06/23 02:39:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\PDAppFlex
[2013/03/12 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Play withSIX
[2012/10/26 12:56:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ProtectDisc
[2012/11/04 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screaming Bee
[2012/05/07 16:24:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screensaver
[2013/01/11 23:23:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skate's Thumbnail Tool
[2012/11/25 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skynet
[2012/05/07 21:04:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SoftGrid Client
[2012/11/23 23:46:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SongManager
[2013/05/21 22:51:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Spotify
[2013/01/08 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/10/13 17:40:58 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Stardock
[2013/04/10 19:00:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Synthesia
[2013/05/12 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeamViewer
[2012/11/18 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TechSmith
[2013/05/15 20:18:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\temp
[2012/08/28 17:43:10 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird
[2012/05/07 19:13:33 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TP
[2013/05/23 23:17:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TS3Client
[2013/03/20 02:55:29 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay
[2012/11/03 01:15:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay_hook_win64
[2012/09/26 22:03:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Tunngle
[2012/09/11 20:11:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Unity
[2013/01/11 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\VisioForge
[2012/11/03 19:58:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\YaTQA
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:08948D52
< End of report >
Gruß Kilian |
|
25.05.2013, 12:32
| #25 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Hi, Das ist nicht genau festzustellen, daher alle Prozesse so schnell die CPU-Leistung verändern, dass ich nicht feststellen kann welcher beim Einschalten des WLAN die Leistung erhöht. Die Logfile von JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kilian on Fri 05/24/2013 at 19:37:36.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-2551311250-958237084-932551016-1000\software\web assistant"
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{30A115AA-D9E9-407C-AF27-37E22BF29F72}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3FF06EA6-BEAD-4FEE-9F6F-F51852E527D7}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Kilian\appdata\locallow\bcool"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bcool"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{00B723E0-BC34-4CAA-A13C-70AE320E7420}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{14DD6627-BD63-4387-B0B1-7AF1F4C4B9C4}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{1916961D-18EA-41B6-86EF-53731E89AF2F}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{1AA38E48-AFD3-4878-BBAC-EEB6674132B2}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{23CE1FE0-0FD8-4371-B6F6-223847FC001C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{27A16F27-12A7-43AA-853A-EA24CA8EC22B}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2A9711B0-D2DD-4DFA-BCC0-A681600D3762}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2A9F0FE7-D595-41B1-8157-DC59832466DF}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{2ED2F99D-AE59-4F29-82EF-02757E717CA2}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{39360E6D-CD70-4D1E-9B20-DE78F2901F8C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{39CB41EE-137F-4F90-B342-DAFCFD721333}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{481F03BB-A5B8-4C91-8F10-4DBB3F16FE1C}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{4AAD255D-AD85-4315-A955-A8669A73A537}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{4CAFA4A9-7990-4076-A758-8C9BF4373BE1}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{569E7D32-78C4-41F6-9C79-B157E90BBCD5}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{66712223-8E15-4B31-BEF4-80757AA68950}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{6AD6C01B-3501-47C4-99ED-BEE22BA09FD0}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7C1CADA2-259C-4E51-8E22-8900BF7873F7}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7D43BA41-538B-436F-A417-8AEA094C2EA3}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{7F1CBF3D-FE45-4268-8FAA-55D76068FB52}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{89D02899-F580-453A-A6CA-1FE899227CC4}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{9484E98A-2D6E-4495-9F29-7B62B23AAF40}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{B01CBB80-1BF0-4864-B438-A8C7F2435D84}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{B0AECA04-2FAC-4CCC-A8E3-31989D5D0455}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{BACC4AAF-73B4-41F3-8498-040E5916B598}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{CCA2BDA2-75DE-4FBB-BB4E-3682AB985476}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{DBD9B150-2162-4475-B2AC-0C16F5E096E6}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{ED356FB1-02FD-4A16-AF35-928E91CB256A}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{EEC93E70-B546-43CD-83CC-F7B439A6834A}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{F8FFB4B7-9023-45D2-BF04-FED1AA83448F}
Successfully deleted: [Empty Folder] C:\Users\Kilian\appdata\local\{F9D4B06A-0BB7-4F86-A73D-4A1003B07326}
~~~ FireFox
Successfully deleted: [File] C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\invalidprefs.js
Successfully deleted the following from C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\prefs.js
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://www.mysearchresults.com/search|||8641353192882446");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://www.mysearchresults.com/search?ei=utf-8&c=4001&t=10&q=MfG/|#|old_value|||86413531940739
Emptied folder: C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\minidumps [101 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Kilian\appdata\local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/24/2013 at 19:42:53.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Farbar Service Scanner Version: 14-04-2013
Ran by Kilian (administrator) on 24-05-2013 at 19:47:03
Running from "C:\Users\Kilian\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Code:
ATTFilter Note: The export is in "Windows Registry Editor Version 5.00" format.
================== Result for "<Dienstname>" ==================
================== End Of Export =============
Code:
ATTFilter MiniToolBox by Farbar Version:21-04-2013
Ran by Kilian (administrator) on 24-05-2013 at 19:48:44
Running from "C:\Users\Kilian\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.type", 0
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected)
Hamachi Network Interface = Hamachi (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = LAN-Verbindung (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 2 (Media disconnected)
# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4
reset
set global
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=5.35.173.112 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.52.1 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.131.1 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.178.43 metric=1 publish=Ja
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Ja
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="LAN-Verbindung* 15-WFP LightWeight Filter-0000" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.131.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet1" address=192.168.52.1 mask=255.255.255.0
popd
# Ende der IPv4-Konfiguration
Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : Kilian-Laptop
Prim„res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : fritz.box
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physikalische Adresse . . . . . . : E6-46-19-14-72-56
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Ethernet-Adapter Tunngle:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physikalische Adresse . . . . . . : 00-FF-2D-CB-8A-6F
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
Physikalische Adresse . . . . . . : C4-46-19-14-72-56
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::13f:5471:cea2:a275%12(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.178.43(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Friday, May 24, 2013 7:13:38 PM
Lease l„uft ab. . . . . . . . . . : Monday, June 03, 2013 7:13:41 PM
Standardgateway . . . . . . . . . : 192.168.178.1
DHCP-Server . . . . . . . . . . . : 192.168.178.1
DHCPv6-IAID . . . . . . . . . . . : 398738969
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : 192.168.178.1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physikalische Adresse . . . . . . : DC-0E-A1-2A-4C-B7
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Ethernet-Adapter Hamachi:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Hamachi Network Interface
Physikalische Adresse . . . . . . : 7A-79-19-23-AD-70
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2620:9b::1923:ad70(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::f181:7647:95b8:4e5d%16(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 25.35.173.112(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.0.0.0
Lease erhalten. . . . . . . . . . : Friday, May 24, 2013 7:13:29 PM
Lease l„uft ab. . . . . . . . . . : Saturday, May 24, 2014 7:15:35 PM
Standardgateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
DHCP-Server . . . . . . . . . . . : 25.0.0.1
DHCPv6-IAID . . . . . . . . . . . : 461011218
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VMware Network Adapter VMnet1:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physikalische Adresse . . . . . . : 00-50-56-C0-00-01
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::c8cc:471a:e89a:5818%17(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.52.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 570445910
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VMware Network Adapter VMnet8:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physikalische Adresse . . . . . . : 00-50-56-C0-00-08
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::5d14:53ab:e15d:cc36%18(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.131.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 604000342
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter VirtualBox Host-Only Network:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physikalische Adresse . . . . . . : 08-00-27-00-BC-B2
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::8d5e:3688:4976:e388%28(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.56.1(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . :
DHCPv6-IAID . . . . . . . . . . . : 839385127
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-AA-9A-8B-DC-0E-A1-2A-4C-B7
DNS-Server . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS ber TCP/IP . . . . . . . : Aktiviert
Tunneladapter isatap.fritz.box:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{EDEDC314-17A2-4118-AE72-5828771907ED}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{02554915-0FBE-4626-93F6-B2DEED71CCF7}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #3
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{497E7E3A-460A-4B35-8C1B-AD926703DF6A}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #4
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{2DCB8A6F-81ED-45E1-B560-0A28B73CAC39}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #5
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter Teredo Tunneling Pseudo-Interface:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{B4BD5B0A-91FA-4EED-BA32-C6C8ABB23E0D}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #6
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{B3CAD59D-E119-4692-9BBD-09CEB9A2056D}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #9
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Server: fritz.box
Address: 192.168.178.1
Name: google.com
Addresses: 2a00:1450:4001:c02::8b
173.194.70.101
173.194.70.100
173.194.70.113
173.194.70.102
173.194.70.139
173.194.70.138
Ping wird ausgefhrt fr google.com [173.194.70.101] mit 32 Bytes Daten:
Antwort von 173.194.70.101: Bytes=32 Zeit=24ms TTL=50
Antwort von 173.194.70.101: Bytes=32 Zeit=24ms TTL=50
Ping-Statistik fr 173.194.70.101:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 24ms, Maximum = 24ms, Mittelwert = 24ms
Server: fritz.box
Address: 192.168.178.1
Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24
Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=368ms TTL=49
Antwort von 206.190.36.45: Bytes=32 Zeit=411ms TTL=49
Ping-Statistik fr 206.190.36.45:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 368ms, Maximum = 411ms, Mittelwert = 389ms
Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Ping-Statistik fr 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
20...e6 46 19 14 72 56 ......Microsoft Virtual WiFi Miniport Adapter
19...00 ff 2d cb 8a 6f ......TAP-Win32 Adapter V9 (Tunngle)
12...c4 46 19 14 72 56 ......Atheros AR5B97 Wireless Network Adapter
11...dc 0e a1 2a 4c b7 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
16...7a 79 19 23 ad 70 ......Hamachi Network Interface
17...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
18...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
28...08 00 27 00 bc b2 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
35...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
22...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
30...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #3
31...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #4
34...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #5
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
32...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #6
29...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #9
===========================================================================
IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 25.0.0.1 25.35.173.112 9256
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.43 25
25.0.0.0 255.0.0.0 Auf Verbindung 25.35.173.112 9256
25.35.173.112 255.255.255.255 Auf Verbindung 25.35.173.112 9256
25.255.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.131.1 21
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.52.1 21
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.178.43 26
169.254.0.0 255.255.0.0 Auf Verbindung 25.35.173.112 9256
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.56.1 9256
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
169.254.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.52.0 255.255.255.0 Auf Verbindung 192.168.52.1 276
192.168.52.1 255.255.255.255 Auf Verbindung 192.168.52.1 276
192.168.52.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
192.168.56.0 255.255.255.0 Auf Verbindung 192.168.56.1 276
192.168.56.1 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.56.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
192.168.131.0 255.255.255.0 Auf Verbindung 192.168.131.1 276
192.168.131.1 255.255.255.255 Auf Verbindung 192.168.131.1 276
192.168.131.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.43 281
192.168.178.43 255.255.255.255 Auf Verbindung 192.168.178.43 281
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.56.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 25.35.173.112 9256
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.52.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.131.1 276
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.43 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.56.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 25.35.173.112 9256
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.52.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.131.1 276
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.43 281
===========================================================================
Ständige Routen:
Netzwerkadresse Netzmaske Gatewayadresse Metrik
169.254.0.0 255.255.0.0 5.35.173.112 1
169.254.0.0 255.255.0.0 192.168.52.1 1
169.254.0.0 255.255.0.0 192.168.131.1 1
169.254.0.0 255.255.0.0 192.168.178.43 1
0.0.0.0 0.0.0.0 25.0.0.1 Standard
===========================================================================
IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
16 9020 ::/0 2620:9b::1900:1
1 306 ::1/128 Auf Verbindung
16 276 2620:9b::/96 Auf Verbindung
16 276 2620:9b::1923:ad70/128 Auf Verbindung
28 276 fe80::/64 Auf Verbindung
16 276 fe80::/64 Auf Verbindung
17 276 fe80::/64 Auf Verbindung
18 276 fe80::/64 Auf Verbindung
12 281 fe80::/64 Auf Verbindung
12 281 fe80::13f:5471:cea2:a275/128
Auf Verbindung
18 276 fe80::5d14:53ab:e15d:cc36/128
Auf Verbindung
28 276 fe80::8d5e:3688:4976:e388/128
Auf Verbindung
17 276 fe80::c8cc:471a:e89a:5818/128
Auf Verbindung
16 276 fe80::f181:7647:95b8:4e5d/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
28 276 ff00::/8 Auf Verbindung
16 276 ff00::/8 Auf Verbindung
17 276 ff00::/8 Auf Verbindung
18 276 ff00::/8 Auf Verbindung
12 281 ff00::/8 Auf Verbindung
===========================================================================
Ständige Routen:
If Metrik Netzwerkziel Gateway
0 4294967295 2620:9b::/96 Auf Verbindung
0 9000 ::/0 2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-05-16 21:54:48.905
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.859
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.796
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-16 21:54:48.749
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.986
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.939
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.908
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 21:09:05.861
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 20:17:51.707
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-05-15 20:17:51.660
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
=========================== Installed Programs ============================
Update for Microsoft Office 2007 (KB2508958)
???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.5.3501.00)
Acer ePower Management (Version: 6.00.3007)
Acer eRecovery Management (Version: 5.00.3502)
Acer Registration (Version: 1.04.3502)
Acer ScreenSaver (Version: 1.1.0913.2011)
Acer Updater (Version: 1.02.3502)
Acer VCM (Version: 4.05.3501)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.6)
Adobe AIR (Version: 3.3.0.3670)
Adobe CS6 Design and Web Premium (Version: 6)
Adobe Download Assistant (Version: 1.2.3)
Adobe Dreamweaver CS6 (Version: 12)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.0) MUI (Version: 10.1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Adobe® Content Viewer (Version: 2.8.0)
Aeria Ignite (Version: 1.10.1721)
Akamai NetSession Interface
Alien Swarm
Alliance of Valiant Arms
Altova StyleVision® 2012 rel. 2 sp1 Enterprise Edition (Version: 2012.02.01)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Media Foundation Decoders (Version: 1.0.61110.0316)
ApnStub
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
applicationupdater
ARMA 2 Dedicated Server
Arma 2: Operation Arrowhead - Dedicated Server
ARMA 2: Operation Arrowhead Beta
ASIO4ALL (Version: 2.10)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Avira Free Antivirus (Version: 13.0.0.3640)
Backup Manager V3 (Version: 3.0.0.99)
Bandisoft MPEG-1 Decoder
Banner Maker Pro Version 9
Battlefield Play4Free
BattlEye for OA Uninstall
BlackShot
Bluetooth Win7 Suite (64) (Version: 7.4.0.96)
Bonjour (Version: 3.0.0.10)
Brick-Force (Version: )
BumpTop (Version: 2.1.6211)
Call of Duty Modern Warfare 2
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Modern Warfare 3 - Dedicated Server
Camtasia Studio 7 (Version: 7.1.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG5300 series Benutzerregistrierung
Canon MG5300 series MP Drivers
Canon MG5300 series On-screen Manual
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1110.331.6214)
Catalyst Control Center Localization All (Version: 2011.1110.331.6214)
CCC Help Chinese Standard (Version: 2011.1110.0330.6214)
CCC Help Chinese Traditional (Version: 2011.1110.0330.6214)
CCC Help Czech (Version: 2011.1110.0330.6214)
CCC Help Danish (Version: 2011.1110.0330.6214)
CCC Help Dutch (Version: 2011.1110.0330.6214)
CCC Help English (Version: 2011.1110.0330.6214)
CCC Help Finnish (Version: 2011.1110.0330.6214)
CCC Help French (Version: 2011.1110.0330.6214)
CCC Help German (Version: 2011.1110.0330.6214)
CCC Help Greek (Version: 2011.1110.0330.6214)
CCC Help Hungarian (Version: 2011.1110.0330.6214)
CCC Help Italian (Version: 2011.1110.0330.6214)
CCC Help Japanese (Version: 2011.1110.0330.6214)
CCC Help Korean (Version: 2011.1110.0330.6214)
CCC Help Norwegian (Version: 2011.1110.0330.6214)
CCC Help Polish (Version: 2011.1110.0330.6214)
CCC Help Portuguese (Version: 2011.1110.0330.6214)
CCC Help Russian (Version: 2011.1110.0330.6214)
CCC Help Spanish (Version: 2011.1110.0330.6214)
CCC Help Swedish (Version: 2011.1110.0330.6214)
CCC Help Thai (Version: 2011.1110.0330.6214)
CCC Help Turkish (Version: 2011.1110.0330.6214)
ccc-utility64 (Version: 2011.1110.331.6214)
CCleaner (Version: 4.00)
Cheat Engine 6.1
Cobra 11 - Burning Wheels (remove only)
Combat Arms EU
Core Temp 1.0 RC3 (Version: 1.0)
Corel WinDVD (Version: 10.0.5.899)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.46.1.0327)
DayZ Commander (Version: 0.9.107)
Dev-C++ 5 beta 9 release (4.9.9.2)
eBay Worldwide (Version: 2.2.0409)
ETDWare PS/2-X64 8.0.6.2_WHQL (Version: 8.0.6.2)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
File Shredder 2.5
FileSwap Client (Version: 2.13.1)
FileZilla Client 3.7.0.1 (Version: 3.7.0.1)
Firebird 2.5.0.26074 (Win32) (Version: 2.5.0.26074)
FL Studio 10
Flatcast Producer Plugin 5.3.0.784
FormatFactory 2.95 (Version: 2.95)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Fraps (remove only)
Free Video Call Recorder for Skype version 1.0.2.115 (Version: 1.0.2.115)
Free YouTube Download version 3.2.0.128 (Version: 3.2.0.128)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
Gadwin PrintScreen (Version: 4.7)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
gamelauncher-ps2-psg
Ghost Recon Online (Version: 1.30.8665.2)
GIMP 2.8.2 (Version: 2.8.2)
Google Chrome (Version: 26.0.1410.64)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Talk Plugin (Version: 3.19.1.13088)
Google Update Helper (Version: 1.3.21.145)
Grand Theft Auto IV
Grand Theft Auto San Andreas (Version: 1.00.00001)
Half-Life 2: Deathmatch
HeadStrong WebClicker v2.56 (Version: 2.56)
Hear
Heat Online
HydraVision (Version: 4.2.248.0)
Identity Card (Version: 1.00.3501)
IL Download Manager
Install Absolute Data Protect (Version: 1.0.0.42)
Intel(R) Management Engine Components (Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 11.0.3.42)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyLemon (Version: 2.7.1)
Landwirtschafts Simulator 2013 (Version: 1.0)
Launch Manager (Version: 6.0.7)
League of Legends (Version: 1.3)
Left 4 Dead 2
Left 4 Dead 2 Authoring Tools
Left 4 Dead 2 Dedicated Server
Left 4 Dead Dedicated Server
LogMeIn Hamachi (Version: 2.1.0.362)
MAESTIA Version 201201 (Version: 201201)
Mafia II
Medicopter 4 deinstallieren (Version: Medicopter4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.1.99.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Mozilla Thunderbird 17.0.3 (x86 de) (Version: 17.0.3)
MSI to redistribute MS VS2005 CRT libraries (Version: 8.0.50727.42)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Need For Speed™ World (Version: 1.0.0.936)
Nero 12 (Version: 12.0.02000)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.0.2001)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.14300)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Burning ROM (Version: 12.0.20000)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15200)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.18100)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.20000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.18200)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode (Version: 12.0.24000)
Nero Recode Help (CHM) (Version: 12.0.4000)
Nero RescueAgent (Version: 12.0.9000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.0.3000)
Nero Video Help (CHM) (Version: 12.0.4000)
newsXpresso (Version: 1.0.0.40)
Nexon Game Manager
No-IP DUC (Version: 4.0.1)
Norton Online Backup (Version: 2.1.17869)
Notepad++ (Version: 6.1.2)
NTI Media Maker 9 (Version: 9.0.2.8942)
NVIDIA PhysX (Version: 9.10.0513)
ObjectDock Free (Version: 2.0)
Oracle VM VirtualBox 4.2.12 (Version: 4.2.12)
Origin (Version: 9.1.3.2637)
Pando Media Booster (Version: 2.6.0.8)
PCSX2 - Playstation 2 Emulator
PDF Settings CS6 (Version: 11.0)
PlanetSide 2 (Version: 1.0.3.183)
Play withSIX (Version: 1.30.0450)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
Prerequisite installer (Version: 12.0.0002)
ProtectDisc Driver, Version 11 (Version: 11.0.0.11)
PunkBuster Services (Version: 0.990)
PX Profile Update (Version: 1.00.1.)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Razer Game Booster (Version: 3.5.6.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6318)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30123)
reFX Nexus VSTi RTAS v2.2.0
RocketDock 1.3.5
RollerCoaster Tycoon 3
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
SAM Broadcaster v4 (Version: v4)
skate's Thumbnail Tool Version 1.1.2 (Version: 1.1.2)
Skype™ 6.3 (Version: 6.3.105)
Source SDK Base 2007
Speccy (Version: 1.20)
Spotify (Version: 0.9.0.128.g3134f863)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synthesia (Version: 8.5)
T4E Player
TeamSpeak 3 Client (Version: 3.0.10.1)
TeamViewer 8 (Version: 8.0.18051)
The War Z version alpha (Version: alpha)
theHunter (remove only)
Tom Clancy's Splinter Cell Conviction (Version: 1.04.000)
Tunngle beta
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Ubisoft Game Launcher (Version: 1.0.0.0)
UE3Redist (Version: 1.00.0000)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
USB Joystick (Version: 1.00.0000)
Virtual Audio Cable 4.10
VirtualDJ PRO Full (Version: 7.0.4)
VLC media player 2.0.1 (Version: 2.0.1)
VMware Player (Version: 4.0.4.30409)
War Inc Battlezone version 1.0.0 (Version: 1.0.0)
Warframe
Welcome App (Start-up experience) (Version: 12.0.14000)
Welcome Center (Version: 1.02.3504)
Winamp (Version: 5.623 )
Winamp Erkennungs-Plug-in (Version: 1.0.0.1)
Windows 7 Logon Background Changer (Version: 1.5.2)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Windows Speech Recognition Macros (Version: 1.0.6862.19)
WinRAR
Zattoo4 4.0.5 (Version: 4.0.5)
Zeta Producer 11 11.0.4 (nur entfernen) (Version: 11.0.4)
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 7157.86 MB
Available physical RAM: 4986.82 MB
Total Pagefile: 14313.9 MB
Available Pagefile: 11707.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.53 MB
========================= Partitions: =====================================
1 Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:325.19 GB) NTFS
========================= Users: ========================================
Benutzerkonten fr \\KILIAN-LAPTOP
Administrator Gast Kilian
Test123
Der Befehl wurde erfolgreich ausgefhrt.
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
|
|
25.05.2013, 12:33
| #26 |
| | CPU-Auslastung von meinem Laptop sehr hoch! Und zu guter Letzt die Logfile von OTL: Code:
ATTFilter OTL logfile created on: 5/24/2013 7:50:47 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kilian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: Vereinigte Staaten von Amerika | Language: ENU | Date Format: M/d/yyyy
6.99 Gb Total Physical Memory | 4.85 Gb Available Physical Memory | 69.43% Memory free
13.98 Gb Paging File | 11.40 Gb Available in Paging File | 81.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.54 Gb Total Space | 325.18 Gb Free Space | 47.57% Space Free | Partition Type: NTFS
Computer Name: KILIAN-LAPTOP | User Name: Kilian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Kilian\Desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
PRC - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
SRV - (FirebirdServerDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (REN2CAP_DRIVER) -- C:\Windows\SysNative\drivers\ren2cap.sys ()
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2551311250-958237084-932551016-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.6.0.20130418072822
FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.0.8
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kilian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Kilian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv530.dll (1 mal 1 Software GmbH)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/13 20:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}: C:\Program Files\KeyLemon\extension\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/03/22 06:08:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/03/13 20:09:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 16:53:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/12 16:53:31 | 000,000,000 | ---D | M]
[2012/11/14 18:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Extensions
[2013/05/20 04:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions
[2013/05/20 04:18:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/01/10 18:43:33 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\battlefieldplay4free@ea.com
[2013/02/05 18:55:32 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\l30l3p3n.default\extensions\info@djzig.com
[2012/08/25 14:09:56 | 000,077,464 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\ciuvo-extension@billiger.de.xpi
[2013/05/07 19:37:58 | 000,534,214 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/08 22:27:56 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\firefox\profiles\l30l3p3n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/12 16:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/12 16:53:35 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/23 14:41:48 | 002,557,440 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFp530.dll
[2012/10/23 20:43:52 | 001,623,552 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll
[2013/01/17 02:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/17 02:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/17 02:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/01/17 02:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/01/17 02:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/01/17 02:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\npbrowserext.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: New Tab for Chrome = C:\Users\Kilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0\
O1 HOSTS File: ([2013/05/16 21:55:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O3 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [ISW] File not found
O4:64bit: - HKLM..\Run: [KeyLemon LemonScreen] C:\Program Files\KeyLemon\KLLockEngine.exe ()
O4:64bit: - HKLM..\Run: [KeyLemon Updater] C:\Programme\KeyLemon\KLUpdater.exe ()
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Akamai NetSession Interface] C:\Users\Kilian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Facebook Update] C:\Users\Kilian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [NetFramewk.exe] C:\book\data\NetFramewk.exe (Microsoft@2012)
O4 - HKU\S-1-5-21-2551311250-958237084-932551016-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2551311250-958237084-932551016-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab (DLM Control)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll (Flatcast Viewer 5.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70A28DBD-5880-45F5-B091-41405292A075}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/24 19:50:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL (2).exe
[2013/05/24 19:47:48 | 000,760,723 | ---- | C] (Farbar) -- C:\Users\Kilian\Desktop\MiniToolBox.exe
[2013/05/24 19:43:55 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Kilian\Desktop\FSS.exe
[2013/05/24 19:37:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/05/24 19:37:26 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/24 19:36:31 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Kilian\Desktop\JRT.exe
[2013/05/23 21:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/05/23 21:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/05/22 21:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/05/21 16:10:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\mbar
[2013/05/18 21:16:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/18 21:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/05/18 21:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/05/17 14:03:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/16 21:55:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/16 21:38:06 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/05/16 21:35:55 | 005,066,411 | R--- | C] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe
[2013/05/15 20:04:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/15 20:04:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/15 20:04:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/15 20:04:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/15 20:03:46 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/14 22:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013/05/14 22:54:28 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Intel Corporation
[2013/05/13 20:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/05/13 19:43:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Rockstar Games
[2013/05/13 19:40:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013/05/13 19:39:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/05/13 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Rockstar Games
[2013/05/13 19:38:53 | 000,000,000 | RH-D | C] -- C:\Users\Kilian\AppData\Roaming\SecuROM
[2013/05/13 19:38:52 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/05/13 19:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2013/05/13 19:38:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2013/05/11 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\DomeKilian
[2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/05/11 17:56:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/05/10 02:36:28 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/05/10 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/05/09 20:38:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Avira
[2013/05/09 20:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/05/09 20:31:57 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/05/09 20:31:57 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/05/09 20:31:57 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/05/09 20:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/05/09 20:26:46 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/05/09 14:37:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\CheckPoint
[2013/05/09 14:32:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD
[2013/05/09 14:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013/05/09 13:58:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Win-RAR Archive
[2013/05/01 18:42:43 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV
[2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryptigo
[2013/04/27 17:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cryptigo
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/24 19:52:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job
[2013/05/24 19:50:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL (2).exe
[2013/05/24 19:47:45 | 000,760,723 | ---- | M] (Farbar) -- C:\Users\Kilian\Desktop\MiniToolBox.exe
[2013/05/24 19:43:53 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Kilian\Desktop\FSS.exe
[2013/05/24 19:36:28 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Kilian\Desktop\JRT.exe
[2013/05/24 19:30:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 19:21:02 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 19:21:02 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 19:18:11 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/24 19:18:11 | 000,699,666 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/05/24 19:18:11 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/24 19:18:11 | 000,149,774 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/05/24 19:18:11 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/24 19:13:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/24 19:13:19 | 1334,202,367 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/23 23:13:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/23 23:10:56 | 000,005,632 | ---- | M] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/23 23:00:31 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000UA.job
[2013/05/23 22:58:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/22 20:00:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job
[2013/05/21 22:56:46 | 001,594,892 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/21 22:37:08 | 000,000,600 | ---- | M] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND
[2013/05/21 17:52:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2551311250-958237084-932551016-1000Core.job
[2013/05/19 19:20:38 | 000,632,031 | ---- | M] () -- C:\Users\Kilian\Desktop\adwcleaner.exe
[2013/05/18 21:16:15 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/16 21:55:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/16 21:35:49 | 005,066,411 | R--- | M] (Swearware) -- C:\Users\Kilian\Desktop\ComboFix.exe
[2013/05/16 15:07:32 | 005,056,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/13 19:38:52 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2013/05/13 19:15:55 | 000,057,784 | ---- | M] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip
[2013/05/13 16:33:53 | 000,377,856 | ---- | M] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe
[2013/05/13 16:32:11 | 000,000,168 | ---- | M] () -- C:\Users\Kilian\defogger_reenable
[2013/05/13 16:30:57 | 000,050,477 | ---- | M] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2013/05/12 20:53:08 | 000,007,598 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2013/05/12 01:01:20 | 000,001,456 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013/05/10 02:36:17 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/09 20:32:42 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/05/09 20:31:30 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/05/09 20:31:30 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/05/09 20:31:30 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/05/09 14:04:40 | 000,035,048 | ---- | M] () -- C:\Windows\temp.bmp
[2013/05/04 02:05:32 | 000,017,408 | ---- | M] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db
[2013/04/29 02:03:18 | 000,002,019 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg
[2013/04/28 15:39:10 | 000,001,640 | ---- | M] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/19 19:20:55 | 000,632,031 | ---- | C] () -- C:\Users\Kilian\Desktop\adwcleaner.exe
[2013/05/18 21:16:15 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/15 20:04:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/15 20:04:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/15 20:04:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/15 20:04:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/15 20:04:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/13 19:15:55 | 000,057,784 | ---- | C] () -- C:\Users\Kilian\Desktop\Oldtimer Logfiles.zip
[2013/05/13 16:34:00 | 000,377,856 | ---- | C] () -- C:\Users\Kilian\Desktop\gmer_2.1.19163.exe
[2013/05/13 16:32:11 | 000,000,168 | ---- | C] () -- C:\Users\Kilian\defogger_reenable
[2013/05/13 16:30:56 | 000,050,477 | ---- | C] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2013/05/09 20:32:42 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/04/20 17:31:12 | 000,017,408 | ---- | C] () -- C:\Users\Kilian\AppData\Local\WebpageIcons.db
[2013/03/23 20:04:12 | 000,213,173 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\UserTile.png
[2013/02/10 21:16:31 | 000,002,349 | ---- | C] () -- C:\Users\Kilian\test.php
[2013/01/08 20:30:45 | 000,003,315 | ---- | C] () -- C:\Users\Kilian\AppData\Local\recently-used.xbel
[2013/01/08 18:14:41 | 000,001,456 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2012/12/09 01:58:04 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/11/25 02:02:47 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012/11/06 00:10:59 | 000,281,120 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/11/06 00:10:59 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/10/23 22:09:28 | 000,001,640 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_1.cfg
[2012/10/23 22:09:12 | 000,002,019 | ---- | C] () -- C:\Users\Kilian\AppData\Local\dsp_edcast_v3_0.cfg
[2012/10/23 20:40:52 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2012/10/23 20:40:52 | 000,002,333 | ---- | C] () -- C:\Windows\unins000.dat
[2012/10/23 00:19:35 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND
[2012/10/22 21:45:33 | 000,007,598 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2012/10/13 16:35:15 | 019,143,619 | ---- | C] () -- C:\Users\Kilian\Mac_Theme_for_Windows_7___64bit_.rar
[2012/10/08 21:32:19 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2012/10/01 10:44:18 | 000,005,632 | ---- | C] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/26 20:51:36 | 000,045,270 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\room_v3.dat
[2012/09/25 18:32:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/07/10 19:25:15 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2012/05/07 19:12:41 | 001,594,892 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/07 16:23:22 | 000,000,828 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\AbsoluteReminder.xml
[2012/05/02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/20 06:04:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/01/20 05:55:31 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/11/29 09:09:23 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/11/10 04:24:46 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/09/19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2011/09/19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/01/19 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(4C-BC-A5-88-6C-2C)
[2012/08/17 19:18:45 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\(64-99-5D-E8-3B-29)
[2013/05/19 21:33:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.minecraft
[2013/05/12 19:15:40 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.techniclauncher
[2012/07/30 03:34:08 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Aeria Games & Entertainment
[2012/12/09 01:58:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Atari
[2012/06/10 22:10:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Audacity
[2012/08/07 23:08:46 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\BANDISOFT
[2012/07/07 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Bump Technologies, Inc
[2012/09/07 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Canon
[2013/05/09 14:32:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Check Point Software Technologies LTD
[2013/05/19 19:30:50 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\CheckPoint
[2012/08/07 23:54:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Cocoon Software
[2012/06/22 23:44:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/05/24 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite
[2012/09/14 23:41:21 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Deckadance19
[2012/11/02 01:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Dev-Cpp
[2013/05/10 00:00:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoft
[2013/01/31 01:41:18 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileSwap2
[2013/05/20 14:56:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileZilla
[2012/10/07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\GarenaPlus
[2013/04/20 04:22:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Hear
[2012/07/30 23:27:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ijjigame
[2013/04/13 02:28:32 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\KeePass
[2012/12/09 01:57:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Leadertech
[2012/10/23 18:28:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\logs
[2012/11/05 21:19:27 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\LolClient
[2012/11/14 18:25:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Luxand
[2012/06/10 22:10:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Need for Speed World
[2012/05/08 19:21:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++
[2013/01/05 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Origin
[2012/06/23 02:39:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\PDAppFlex
[2013/03/12 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Play withSIX
[2012/10/26 12:56:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ProtectDisc
[2012/11/04 00:04:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screaming Bee
[2012/05/07 16:24:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Screensaver
[2013/01/11 23:23:02 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skate's Thumbnail Tool
[2012/11/25 01:18:51 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\skynet
[2012/05/07 21:04:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SoftGrid Client
[2012/11/23 23:46:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SongManager
[2013/05/21 22:51:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Spotify
[2013/01/08 20:39:35 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/10/13 17:40:58 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Stardock
[2013/04/10 19:00:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Synthesia
[2013/05/12 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeamViewer
[2012/11/18 21:20:09 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TechSmith
[2013/05/15 20:18:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\temp
[2012/08/28 17:43:10 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird
[2012/05/07 19:13:33 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TP
[2013/05/23 23:17:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TS3Client
[2013/03/20 02:55:29 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay
[2012/11/03 01:15:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay_hook_win64
[2012/09/26 22:03:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Tunngle
[2012/09/11 20:11:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Unity
[2013/01/11 23:07:00 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\VisioForge
[2012/11/03 19:58:37 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\YaTQA
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:08948D52
< End of report >
Gruß Kilian |
|
27.05.2013, 19:20
| #27 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! Hallo Kilian schau bitte einmal in Ordner c:\qoobox nach txt files und poste diese hier. Installiere dir bitte den Process Explorer und versuche nochmals herauszufinden welcher Prozess die Leistung zieht. Auf deinem System laufen vmware, teamviewer, steam ... alle Diese Tools können Leistung ziehen sobald du online gehst. Daher prüfe eine Deinstallation. Rein Malwaretechnisch ist nichts zu finden. Deaktiviere mal deine Antivirenlösung und schau nach ob die Auslastung dadurch runtergeht. Alternativ versuche bitte folgende Methode (Cleanboot) Clean Boot - Probleme beim Systemstart diagnostizieren |
|
31.05.2013, 18:27
| #28 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! Hi, ich hab jetzt zum dritten mal länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe? Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos. Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion möglich machen. |
|
01.06.2013, 23:16
| #29 |
| /// Malwareteam | CPU-Auslastung von meinem Laptop sehr hoch! Fehlende Rückmeldung Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten. Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen. |
|
| Themen zu CPU-Auslastung von meinem Laptop sehr hoch! |
| acer, adapter, avira, boost, cpu auslastung hoch, cpu auslastung sehr hoch, cpu-auslastung, gefunde, laptop, laufe, laufen, mein laptop lagt, nichts, programm, sinkt, system, virenprogramm, wlan, woche, wochen |
Gruß Aneri 
Linear-Darstellung
