| |
| |||||||
Log-Analyse und Auswertung: Internetprobleme und viele andere kleine DingeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
19.07.2013, 10:58
| #1 |
 |  Internetprobleme und viele andere kleine Dinge Wie der Titel schon sagt, habe ich seit geraumer Zeit immer wieder Probleme mit dem Netzwerk. Sporadisch setzt das Internet aus, manchmal 10 - 15 sec. andere Male mehrere Stunden. Das Internet läuft über Ethernet, also kein Wireless. Mein Vater und ich laufen über denselben Rauter, und er hat nie Probleme, ebenso wie ich mit dem Laptop. Mein Problem ist, wenn ich den Fehler provozieren will, tritt er so gut wie nie auf.  . Ich habe schon diverse Virenscans durchgeführt, bisher ohne Erfolg. Kasperski Ressource Disk auch schon durchlaufen lassen, jedoch auch ohne Erfolg. Ich bin langsam mit meinem Latein am Ende und wäre sehr froh wenn mir jemand helfen könnte.Unten habe ich noch einen Ping laufen lassen über den Standard Gateway.  PS; Auf meinem PC habe ich noch einige weitere Probleme, wie z.B. Yantoo, oder dass der PC immer wieder Hängen bleibt für ein paar Sekunden oder dass mein Mauszeiger komische, unpassende Symbole anzeigt. Ich bin mir nicht sicher ob ich am besten „Format C „durchführen würde, für das habe ich jedoch auch wieder einen Tag Arbeit. PPS; ich hoffe dieser Text ist leserlich, da mir diese aufhänger mit der Zeit so richtig auf den Keks gehen -.-  LG Alex000 OTL Code:
ATTFilter OTL logfile created on: 18.07.2013 11:05:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alexander\Desktop Professional Service Pack 3 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 3.25 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 41.34% Memory free 6.49 Gb Paging File | 4.03 Gb Available in Paging File | 62.09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931.51 Gb Total Space | 559.84 Gb Free Space | 60.10% Space Free | Partition Type: NTFS Drive D: | 3.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive E: | 675.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive I: | 222.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: ALEXANDER-PC | User Name: Alexander | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.18 10:57:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe PRC - [2013.07.03 23:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.07.03 23:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe PRC - [2013.07.03 13:45:31 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2013.06.21 11:52:52 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2013.06.21 11:52:51 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013.06.20 18:05:14 | 000,312,512 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MpCmdRun.exe PRC - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe PRC - [2013.06.20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe PRC - [2013.06.13 13:54:08 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe PRC - [2013.05.13 10:19:00 | 000,659,456 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe PRC - [2013.03.23 03:56:36 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Alexander\AppData\Roaming\Yontoo\YontooDesktop.exe PRC - [2013.03.23 03:56:36 | 000,023,552 | ---- | M] (Microsoft) -- C:\Programme\Yontoo\Y2Desktop.Updater.exe PRC - [2013.03.21 06:10:12 | 003,560,832 | ---- | M] (Xfire Inc.) -- C:\Programme\Xfire\Xfire.exe PRC - [2013.01.28 15:19:30 | 001,926,944 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe PRC - [2013.01.28 15:19:26 | 001,724,192 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe PRC - [2012.12.07 17:26:56 | 000,167,424 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.04.06 04:16:24 | 000,451,072 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012.04.06 04:15:50 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012.01.20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE PRC - [2011.11.22 10:59:30 | 000,018,432 | ---- | M] () -- C:\Users\Alexander\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe PRC - [2011.11.10 01:49:24 | 001,677,072 | ---- | M] (ClanServers Hosting LLC) -- C:\Programme\GameTracker\GSInGameService.exe PRC - [2011.11.10 01:49:22 | 004,018,448 | ---- | M] (ClanServers Hosting LLC) -- C:\Programme\GameTracker\GTLite.exe PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.03.15 10:21:18 | 001,780,224 | ---- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe PRC - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE PRC - [2007.11.21 04:10:24 | 003,293,184 | ---- | M] (Google) -- C:\Programme\Google\Google Talk\googletalk.exe ========== Modules (No Company Name) ========== MOD - [2013.07.18 10:18:01 | 000,013,600 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll MOD - [2013.07.12 18:45:21 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f95e6b6a92e3e28a3b553fe2998dd308\System.Data.ni.dll MOD - [2013.07.12 18:45:04 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll MOD - [2013.07.12 18:45:00 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll MOD - [2013.07.12 18:44:45 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll MOD - [2013.07.12 18:44:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll MOD - [2013.07.12 18:44:41 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll MOD - [2013.07.12 18:44:32 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll MOD - [2013.07.12 14:35:58 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll MOD - [2013.07.03 13:45:11 | 003,285,912 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2013.06.13 13:54:07 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll MOD - [2013.05.16 07:33:37 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2013.05.16 07:33:36 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2013.05.13 10:19:00 | 001,515,520 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\Maps\R66Api.dll MOD - [2013.05.13 10:19:00 | 000,659,456 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\htcUPCTLoader.exe MOD - [2013.05.13 10:19:00 | 000,559,244 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\sqlite3.7.dll MOD - [2013.05.13 10:19:00 | 000,516,599 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\sqlite3.dll MOD - [2013.05.13 10:19:00 | 000,405,504 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\htcDetect.dll MOD - [2013.05.13 10:19:00 | 000,172,032 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\htcDetectLegend.dll MOD - [2013.05.13 10:19:00 | 000,159,744 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\htcDisk.dll MOD - [2013.05.13 10:19:00 | 000,109,056 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\OutputLog.dll MOD - [2013.05.13 10:19:00 | 000,094,208 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\fdHttpd.dll MOD - [2013.05.13 10:19:00 | 000,010,240 | ---- | M] () -- C:\Programme\HTC\HTC Sync 3.0\ItemSyncLimit.dll MOD - [2013.04.20 00:55:06 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2012.10.05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010.11.13 02:02:21 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:58:10 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll MOD - [2010.11.05 03:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010.03.02 15:30:58 | 064,125,952 | ---- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\skin.dll MOD - [2009.05.07 16:53:18 | 000,106,496 | ---- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll MOD - [2009.05.07 16:50:46 | 000,073,728 | ---- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll MOD - [2008.02.14 13:57:00 | 000,094,208 | ---- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\Alexander\AppData\Roaming\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater) SRV - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.07.03 13:45:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.06.20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013.06.13 13:54:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013.01.28 15:19:28 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2013.01.28 15:19:26 | 001,724,192 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.12.07 17:26:56 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012.09.20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2012.05.06 11:45:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2012.04.06 04:15:50 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.11.22 10:59:30 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Alexander\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe -- (StumbleUponUpdater) SRV - [2011.11.10 01:49:24 | 001,677,072 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Programme\GameTracker\GSInGameService.exe -- (GS In-Game Service) SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\amdiox86.sys -- (amdiox86) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ALEXAN~1\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2013.07.18 10:16:56 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4FEBC9BB-BE99-45DC-8E07-6FDEA13558FD}\MpKslcaa1daa2.sys -- (MpKslcaa1daa2) DRV - [2013.06.21 14:02:43 | 009,069,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2013.06.18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2013.05.29 17:55:23 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2013.05.29 17:50:38 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2013.04.16 14:35:12 | 000,278,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2013.04.16 14:28:54 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2013.04.10 03:45:30 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\ALEXAN~1\AppData\Local\Temp\nsysaudm.sys -- (nsysaudm) DRV - [2013.02.25 07:27:46 | 000,154,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2013.02.22 03:50:36 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6) DRV - [2012.11.16 17:51:36 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012.05.27 14:56:33 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2012.05.27 14:56:32 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2012.05.21 20:04:48 | 000,011,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon) DRV - [2012.05.21 18:48:36 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2012.04.06 07:21:10 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012.04.06 03:10:22 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012.02.23 14:31:58 | 000,086,544 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010.12.10 13:50:12 | 000,141,440 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2010.12.10 13:50:12 | 000,062,336 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.07.06 11:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2010.04.27 17:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010.04.27 17:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010.04.27 17:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010.04.27 15:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2010.03.02 19:27:28 | 001,127,936 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.10.26 08:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2000.01.01 02:00:00 | 000,068,720 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcf.sys -- (JMCF) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=hp&installDate=27/02/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=CH&userid=645015fd-5e27-4eb1-9bab-7706923ba215&searchtype=ds&q={searchTerms}&installDate=27/02/2013 IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=44444&tt=5112_6&babsrc=SP_ss&mntrId=80f5cf7c00000000000020cf30e46a17 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultenginename,S: S", "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.order.1,S: S", "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.selectedEngine,S: S", "" FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02 FF - prefs.js..extensions.enabledAddons: survey-remover%40gmx.com:3.1.2 FF - prefs.js..extensions.enabledAddons: videosaver%40videosaver.net:1.111 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 13:45:06 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\videosaver@videosaver.net: C:\Program Files\VideoSaver\FF\ [2013.05.12 12:52:34 | 000,000,000 | ---D | M] [2012.07.18 12:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\Extensions [2013.05.25 19:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions [2013.02.21 20:36:55 | 000,000,000 | ---D | M] (Browse2save) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\512668b5c03e1@512668b5c0418.com [2013.02.21 20:36:55 | 000,000,000 | ---D | M] (Search-NewTab) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\512668c4ddbd9@512668c4ddc13.com [2013.02.27 10:00:39 | 000,000,000 | ---D | M] (Browsee2saave) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\6t1uiyi@crluykmyoeo.edu [2012.09.15 13:26:29 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\plugin@videofiledownload.com [2013.04.10 18:03:31 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\plugin@yontoo.com [2012.08.29 17:55:56 | 000,000,000 | ---D | M] (StumbleUpon) -- C:\Users\Alexander\AppData\Roaming\mozilla\Firefox\Profiles\qgh8ob02.default\extensions\toolbar@stumbleupon.com [2013.05.25 19:45:16 | 002,168,615 | ---- | M] () (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\qgh8ob02.default\extensions\firebug@software.joehewitt.com.xpi [2013.04.14 17:14:00 | 000,051,442 | ---- | M] () (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\qgh8ob02.default\extensions\survey-remover@gmx.com.xpi [2012.12.11 18:37:43 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\qgh8ob02.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.05.10 09:10:57 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\qgh8ob02.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.03.10 12:14:39 | 000,002,439 | ---- | M] () -- C:\Users\Alexander\AppData\Roaming\mozilla\firefox\profiles\qgh8ob02.default\searchplugins\Web Search.xml [2013.07.03 13:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\Extensions [2013.07.03 13:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.07.03 13:45:31 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.12 12:52:34 | 000,000,000 | ---D | M] ("VideoSaver") -- C:\PROGRAM FILES\VIDEOSAVER\FF [2012.12.18 21:40:10 | 000,002,348 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - homepage: hxxp://websearch.pu-results.info/?pid=724&r=2013/02/21&hid=693363068&lg=EN&cc=CH CHR - Extension: Browsee2saave = C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfdpcpbhflogfoogkbppfbmlfjajpgm\1\ CHR - Extension: Browse2save = C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocmlkcfkihaabadjgaekgalkgldbjnmb\1\ CHR - Extension: Search-NewTab = C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfiphpokjgindklljbggepbhmkdcgaj\1\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Browsee2saave) - {10B1AFC9-A14B-6DFD-8784-C20F6A05A4DE} - C:\ProgramData\Browsee2saave\512dc406ed410.dll () O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Alexander\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (VideoSaver) - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Programme\VideoSaver\VideoSaver.dll (VideoSaver) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC) O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4 - HKCU..\Run: [GameTracker] C:\Program Files\GameTracker\GTLite.exe (ClanServers Hosting LLC) O4 - HKCU..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google) O4 - HKCU..\Run: [MMServerListAutoUpdater] C:\Programme\Sierra\SWAT 4\Content\System\MMServerListAutoUpdater.exe () O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk = C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71BD02BF-A4C6-4B88-9B6A-12C24A331EC2}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012.09.28 15:30:38 | 000,055,176 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2012.09.28 11:48:28 | 000,000,049 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2007.10.05 16:21:18 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ] O32 - AutoRun File - [2004.10.05 19:11:42 | 000,180,224 | R--- | M] () - E:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2004.08.24 17:57:32 | 000,000,042 | R--- | M] () - E:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2007.01.25 15:50:58 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG) - I:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2007.01.23 19:55:10 | 000,000,912 | R--- | M] () - I:\autorun.cfg -- [ CDFS ] O32 - AutoRun File - [2007.01.25 11:28:52 | 000,000,075 | R--- | M] () - I:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{493f6959-7dd3-11e2-bf05-20cf30e46a17}\Shell - "" = AutoRun O33 - MountPoints2\{493f6959-7dd3-11e2-bf05-20cf30e46a17}\Shell\AutoRun\command - "" = F:\autorun.exe O33 - MountPoints2\{af3d369a-c877-11e2-9739-2ee9a0c0ee62}\Shell - "" = AutoRun O33 - MountPoints2\{af3d369a-c877-11e2-9739-2ee9a0c0ee62}\Shell\AutoRun\command - "" = I:\Autorun.exe -- [2007.01.25 15:50:58 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG) O33 - MountPoints2\{eeadfbd7-a367-11e1-965f-20cf30e46a17}\Shell - "" = AutoRun O33 - MountPoints2\{eeadfbd7-a367-11e1-965f-20cf30e46a17}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2012.09.28 15:30:38 | 000,055,176 | R--- | M] (Electronic Arts) O33 - MountPoints2\{eeadfbd8-a367-11e1-965f-20cf30e46a17}\Shell - "" = AutoRun O33 - MountPoints2\{eeadfbd8-a367-11e1-965f-20cf30e46a17}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2004.10.05 19:11:42 | 000,180,224 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.18 11:06:29 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\helper [2013.07.18 10:57:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2013.07.16 11:02:06 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\FT Software Updates [2013.07.16 10:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feuer- und Notfallsimulation Wegberg [2013.07.12 11:13:21 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Outlook [2013.07.12 11:10:56 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\My Photos [2013.07.12 11:10:56 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\My Documents [2013.07.12 11:08:54 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Htc [2013.07.12 11:08:39 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2013.07.12 11:05:28 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\HTC [2013.07.12 11:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync [2013.07.11 15:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013.07.11 15:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2013.07.11 15:24:38 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Adobe [2013.07.11 15:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC [2013.07.11 15:02:43 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Roaming\Apple Computer [2013.07.11 15:02:43 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Apple Computer [2013.07.11 15:02:36 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\HTC [2013.07.11 15:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Motorola [2013.07.11 15:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC [2013.07.11 15:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications [2013.07.11 15:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\HTC [2013.07.11 14:59:55 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Downloaded Installations [2013.07.07 16:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief 3 Sneaky Upgrade [2013.07.07 16:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Thief 3 Sneaky Upgrade [2013.07.07 15:40:08 | 000,000,000 | ---D | C] -- C:\Users\Alexander\AppData\Local\Apps [2013.07.03 16:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend [2013.07.03 16:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Trend [2013.07.03 13:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.07.03 13:24:03 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Documents\Thief - Deadly Shadows [2013.07.03 13:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos [2013.07.03 13:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Thief - Deadly Shadows [2013.07.01 18:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2013.06.24 20:04:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.06.20 19:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Alarm für Cobra 11 Undercover (full) [2013.06.19 17:03:45 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\origggg [2013.06.18 19:16:16 | 000,000,000 | ---D | C] -- C:\Users\Alexander\Desktop\FAIL [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.18 11:03:10 | 000,000,176 | ---- | M] () -- C:\Users\Alexander\defogger_reenable [2013.07.18 11:02:18 | 000,050,477 | ---- | M] () -- C:\Users\Alexander\Desktop\Defogger.exe [2013.07.18 10:57:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alexander\Desktop\OTL.exe [2013.07.18 10:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.18 10:25:39 | 000,019,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.18 10:25:39 | 000,019,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.18 10:16:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.17 14:04:33 | 000,711,254 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.07.17 14:04:33 | 000,664,244 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.07.17 14:04:33 | 000,154,240 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.07.17 14:04:33 | 000,126,270 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.07.16 10:55:05 | 000,002,504 | ---- | M] () -- C:\Users\Public\Desktop\Wegberg 6 starten.lnk [2013.07.15 11:35:18 | 000,002,407 | ---- | M] () -- C:\Users\Public\Desktop\Los Angeles Mod v2.1.lnk [2013.07.14 10:13:32 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2013.07.12 18:43:47 | 000,422,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.07.12 14:35:58 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll [2013.07.12 11:05:06 | 000,001,040 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk [2013.07.11 15:03:35 | 000,144,252 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2013.07.11 09:55:15 | 000,000,024 | ---- | M] () -- C:\Users\Alexander\random.dat [2013.07.11 09:52:55 | 000,000,023 | ---- | M] () -- C:\Users\Alexander\jagexappletviewer.preferences [2013.07.11 09:35:26 | 000,000,048 | ---- | M] () -- C:\Users\Alexander\jagex_cl_runescape_LIVE.dat [2013.07.09 17:49:04 | 000,014,958 | ---- | M] () -- C:\Users\Alexander\AppData\Local\recently-used.xbel [2013.07.09 10:27:59 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 3 Design-Garten-Accessoires.lnk [2013.07.08 12:44:14 | 000,108,144 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2013.07.08 12:43:58 | 000,002,504 | ---- | M] () -- C:\Users\Alexander\Desktop\Karteneditor - Die Siedler II - Die nächste Generation.lnk [2013.07.08 12:43:58 | 000,002,504 | ---- | M] () -- C:\Users\Alexander\Desktop\Die Siedler II - Die nächste Generation - Wikinger.lnk [2013.07.08 12:43:58 | 000,002,458 | ---- | M] () -- C:\Users\Alexander\Desktop\Die Siedler II - Die nächste Generation.lnk [2013.06.26 19:35:35 | 000,045,697 | ---- | M] () -- C:\Users\Alexander\Desktop\jojo gay.JPG [2013.06.24 20:03:49 | 273,188,117 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.06.21 14:02:43 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2013.06.21 14:02:43 | 000,016,437 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2013.06.20 20:35:08 | 617,474,217 | ---- | M] () -- C:\Users\Alexander\Expansion.rar [2013.06.20 20:33:51 | 001,177,850 | ---- | M] () -- C:\Users\Alexander\Original EXE.rar [2013.06.20 20:32:00 | 000,146,652 | ---- | M] () -- C:\Users\Alexander\~uTorrentPartFile_4F362877.dat [2013.06.20 19:35:28 | 000,002,435 | ---- | M] () -- C:\Users\Alexander\Desktop\Play Crash Time 5 - Undercover.lnk [2013.06.19 18:14:17 | 003,253,909 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.18 11:02:55 | 000,000,176 | ---- | C] () -- C:\Users\Alexander\defogger_reenable [2013.07.18 11:02:13 | 000,050,477 | ---- | C] () -- C:\Users\Alexander\Desktop\Defogger.exe [2013.07.16 10:55:05 | 000,002,504 | ---- | C] () -- C:\Users\Public\Desktop\Wegberg 6 starten.lnk [2013.07.15 11:35:18 | 000,002,407 | ---- | C] () -- C:\Users\Public\Desktop\Los Angeles Mod v2.1.lnk [2013.07.14 20:07:29 | 774,073,145 | ---- | C] () -- C:\Users\Alexander\Desktop\Transport Giant Gold Edition.zip [2013.07.11 15:30:38 | 000,001,040 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk [2013.07.11 15:03:35 | 000,144,252 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2013.07.11 10:02:53 | 000,001,235 | ---- | C] () -- C:\Users\Alexander\Desktop\SWAT4 Server Browser Alternative.lnk [2013.07.09 17:49:04 | 000,014,958 | ---- | C] () -- C:\Users\Alexander\AppData\Local\recently-used.xbel [2013.07.09 10:27:59 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 3 Design-Garten-Accessoires.lnk [2013.07.08 12:43:58 | 000,002,504 | ---- | C] () -- C:\Users\Alexander\Desktop\Karteneditor - Die Siedler II - Die nächste Generation.lnk [2013.07.08 12:43:58 | 000,002,504 | ---- | C] () -- C:\Users\Alexander\Desktop\Die Siedler II - Die nächste Generation - Wikinger.lnk [2013.07.03 13:37:33 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2013.07.03 13:06:15 | 785,796,144 | ---- | C] () -- C:\Users\Alexander\Desktop\rzr-tdsa.bin [2013.06.26 19:35:34 | 000,045,697 | ---- | C] () -- C:\Users\Alexander\Desktop\jojo gay.JPG [2013.06.24 20:03:49 | 273,188,117 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.06.20 20:31:44 | 001,177,850 | ---- | C] () -- C:\Users\Alexander\Original EXE.rar [2013.06.20 20:31:44 | 000,146,652 | ---- | C] () -- C:\Users\Alexander\~uTorrentPartFile_4F362877.dat [2013.06.20 20:31:40 | 617,474,217 | ---- | C] () -- C:\Users\Alexander\Expansion.rar [2013.06.20 19:35:28 | 000,002,435 | ---- | C] () -- C:\Users\Alexander\Desktop\Play Crash Time 5 - Undercover.lnk [2013.06.09 21:10:18 | 000,098,304 | ---- | C] () -- C:\Users\Alexander\AppData\Roaming\BCWorker.exe [2013.06.06 17:10:50 | 000,000,245 | ---- | C] () -- C:\Windows\System32\regupdate.ini [2013.06.06 17:10:26 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2013.06.06 17:10:26 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2013.05.28 17:24:41 | 000,004,302 | ---- | C] () -- C:\Users\Alexander\reloaded.nfo [2013.05.24 15:35:23 | 003,253,909 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2013.05.15 17:34:42 | 000,004,096 | -H-- | C] () -- C:\Users\Alexander\AppData\Local\keyfile3.drm [2013.04.16 14:29:01 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2013.04.16 14:28:54 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2013.03.27 18:43:25 | 000,000,090 | ---- | C] () -- C:\Program Files\open-for-update-patch.bat [2013.03.21 06:10:18 | 000,042,880 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2013.02.15 16:30:11 | 000,003,153 | ---- | C] () -- C:\Program Files\visit-nosteam.ro.html [2013.02.15 16:30:11 | 000,000,083 | ---- | C] () -- C:\Program Files\update-NFSMW2012.bat [2013.02.02 21:56:20 | 000,301,653 | ---- | C] () -- C:\Users\Alexander\Unbenannt.xcf [2013.01.08 18:10:42 | 000,049,947 | ---- | C] () -- C:\Users\Alexander\Unbenannt.png [2013.01.01 17:52:31 | 000,000,355 | ---- | C] () -- C:\Users\Alexander\Computer - Verknüpfung.lnk [2012.12.19 18:21:16 | 000,000,000 | ---- | C] () -- C:\Users\Alexander\AppData\Local\Input.xml [2012.12.19 18:20:48 | 000,000,000 | ---- | C] () -- C:\Users\Alexander\AppData\Local\Settings.xml [2012.12.07 15:17:24 | 000,000,237 | ---- | C] () -- C:\Windows\RomeTW.ini [2012.11.16 21:49:28 | 000,000,097 | ---- | C] () -- C:\Users\Alexander\AppData\Local\fusioncache.dat [2012.11.08 17:33:07 | 000,000,049 | ---- | C] () -- C:\Users\Alexander\jagex_cl_runescape_LIVE1.dat [2012.10.19 17:18:24 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini [2012.10.17 11:59:42 | 000,004,867 | ---- | C] () -- C:\ProgramData\mfoealim.bxa [2012.09.26 14:33:14 | 000,000,529 | ---- | C] () -- C:\Windows\eReg.dat [2012.08.22 20:30:21 | 000,000,000 | ---- | C] () -- C:\Users\Alexander\adb [2012.08.08 17:01:33 | 000,000,330 | ---- | C] () -- C:\Windows\ULEAD32.INI [2012.08.01 14:20:36 | 000,007,605 | ---- | C] () -- C:\Users\Alexander\AppData\Local\Resmon.ResmonCfg [2012.07.27 10:03:38 | 000,000,048 | ---- | C] () -- C:\Users\Alexander\jagex_cl_runescape_LIVE.dat [2012.07.27 10:03:38 | 000,000,024 | ---- | C] () -- C:\Users\Alexander\random.dat [2012.07.27 10:03:33 | 000,000,023 | ---- | C] () -- C:\Users\Alexander\jagexappletviewer.preferences [2012.06.01 19:15:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.05.27 14:57:08 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll [2012.05.27 14:57:08 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys [2012.05.27 14:57:02 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys [2012.05.27 14:57:02 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys [2012.05.17 21:08:10 | 000,011,232 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys [2012.05.06 12:08:50 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012.05.06 10:52:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.04.06 03:21:42 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2012.04.06 03:21:42 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2012.04.05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.07.14 10:31:34 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\.minecraft [2012.11.28 20:13:57 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\.Nitrous [2013.02.08 18:41:55 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Atari [2013.05.29 17:50:23 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DAEMON Tools [2013.05.29 17:56:44 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DAEMON Tools Lite [2012.11.08 17:18:25 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DVDVideoSoft [2012.07.26 12:51:12 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\DVDVideoSoftIEHelpers [2012.08.04 20:32:02 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Foxit Software [2013.07.18 10:24:14 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\GameTracker [2013.07.12 11:13:39 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\HTC [2013.07.12 11:08:39 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2013.02.08 18:41:03 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Leadertech [2012.11.26 20:58:10 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Lingo4u [2012.11.08 17:18:18 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\OpenCandy [2013.02.20 18:35:22 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Origin [2013.07.12 11:13:21 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Outlook [2012.09.25 18:42:37 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\ProtectDISC [2013.02.27 10:01:33 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\SendSpace [2013.05.08 13:41:39 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TeamViewer [2013.01.24 14:46:24 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TS3Client [2013.03.13 19:11:22 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\TuneUp Software [2013.07.17 16:47:51 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\uTorrent [2013.07.18 10:18:02 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\Yontoo [2012.09.15 13:30:59 | 000,000,000 | ---D | M] -- C:\Users\Alexander\AppData\Roaming\YourFileDownloader ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 18.07.2013 11:05:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alexander\Desktop
Professional Service Pack 3 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
3.25 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 41.34% Memory free
6.49 Gb Paging File | 4.03 Gb Available in Paging File | 62.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 559.84 Gb Free Space | 60.10% Space Free | Partition Type: NTFS
Drive D: | 3.90 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 675.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 222.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ALEXANDER-PC | User Name: Alexander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D94670-16A2-488D-9C8B-1E9740EB6EF5}" = lport=137 | protocol=17 | dir=in | app=system |
"{08BCDD8B-786B-4C5E-97FF-D14D0B1C1924}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0FB9D73F-7C58-4C45-B7F2-FBBB6C5310BC}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{11473711-B03E-438C-8031-4D22D73865B5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{140B83B5-7C7F-4114-92C0-4EE8FA73865A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1C3E753E-4067-4243-86CB-C397DE9C0D0D}" = rport=138 | protocol=17 | dir=out | app=system |
"{28DC2A69-E15F-4265-9CB0-53A6D15E8B62}" = rport=445 | protocol=6 | dir=out | app=system |
"{2A336B0A-10A6-45CD-B808-9DDA4DCCE0E9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BC3878B-0EAA-495E-91E8-B38AA329D660}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3F223D7F-16C4-4C28-BEFA-E2A7E4EB2569}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42B4D6B5-EA8C-4A51-B727-2D30920F5EA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42EDA6B3-EE8F-4DBD-9D9F-AAB51B39AAFF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{594E5E3D-1C6F-42B1-94E4-9DE9D73D38AA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5D3AEE3B-4E53-4BDF-94FF-F608BFDF78A2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{80A6B0E7-1931-4A9E-86F8-A46F9F056C7D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E30E712-44B2-4E6B-A780-38A0E98EFD48}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E39BFB7-4D49-4476-BF3D-CE6B03A141B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{9E072CDA-26E3-4CB2-8EB7-70E8AF55C9D4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9EFF45CE-DE70-4BDD-8CAA-8C797744E49D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC3843DD-2FC3-4F99-866A-ADA9FFB665D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC5AE6ED-077D-4AF6-A6C0-926322C9A34E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{B602A04C-478E-4CCF-B4AA-3766DAAD14A6}" = rport=139 | protocol=6 | dir=out | app=system |
"{BFDB3AF6-A95D-4A10-BD9C-6B45B7ED5234}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C841125D-BAFF-4A75-B672-1C36F134F5E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{CBCD0740-B3E4-4427-A131-E025321E6B07}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF9D4C0F-A449-4C49-9E69-DD74A3F1FE98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E22C90F1-ED80-4F51-9062-70971C959B64}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF892904-4959-44AF-AD4D-F2119B34E15E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F738F0FF-469E-41ED-92C1-58C304F6C3FD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F7C1F9D8-262F-4218-BEAE-318C29DB0E1A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F901850F-5806-4F4F-913C-31DB783F6213}" = lport=138 | protocol=17 | dir=in | app=system |
"{FD9AB17A-E53A-44DF-85A4-FDE756AC44FF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FE9BFF72-D14A-4C82-93AF-23CE4B9196C6}" = lport=445 | protocol=6 | dir=in | app=system |
"{FFE07E8B-EC2B-4B1B-A1C4-9B5FAC53A527}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0361C8B7-4A4C-4B74-A9B7-D0C815CEACC6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0B79ED5B-D71D-4869-95FF-96F3F804E34A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F8C1169-D45A-4423-99FC-5797A3E351FA}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{1010C21D-5C99-466F-9BBB-4DF3023FCD9B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe |
"{1BFA1165-C113-4F8E-A1B4-7600FF8A48A5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2088BE81-FA1F-40C7-80D0-094782E78B07}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{225930A5-E85E-4BCC-932D-C304A365AB06}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{271AC43A-9F97-4B82-BFA8-6F7C6DA8B52A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A87E4FF-A11D-415C-BD6A-954F89E6ECA5}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
"{30E0FB7C-FE65-4EA9-972F-577DF7E4349B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\driver san francisco\driver.exe |
"{3A7216A7-88D3-4845-B1F8-234DCE97128D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion\cities in motion.exe |
"{4289B110-E7AC-4C22-81A9-E453C6B2BC0A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{42EC96B1-8DE9-4A41-B0BB-65B1EDC44715}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{595EE770-E0C7-4491-A33F-457D686CD245}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E860B1B-C896-416D-B61B-6403AA4C6957}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe |
"{5EB26FE2-16EA-497C-B22F-8DBB2F359CB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{64B2EE5B-24AF-40FE-B426-C87868FCEB66}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{674E8ED2-9358-4FAC-89C5-D8A35E1DC5EC}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{6FFF9EB7-2A53-41A0-8ABC-71D22B5FE921}" = protocol=17 | dir=in | app=c:\program files\origin games\simcity\simcity\simcity.exe |
"{74331D56-B541-400B-800F-EE006E8F9431}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75DCC443-15BB-4D66-931E-FE34BF970BE0}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{7760146C-719E-485E-9E63-E43B08D46E17}" = protocol=17 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe |
"{8243713F-A6A1-414D-AF8E-EF1BF4FDB9D6}" = protocol=17 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"{8B820248-A208-4D46-9D05-FC9687F6DEB6}" = protocol=6 | dir=in | app=c:\program files\origin games\simcity\simcity\simcity.exe |
"{98042A4F-1783-4B15-8D64-08E55E9D23A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98EF21D0-7C8B-4351-BAEA-C9C016C55396}" = protocol=6 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"{9AF683B2-AB1B-447D-8406-E80A7B30DD59}" = protocol=6 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\extra1\bin\settlers6.exe |
"{9C8BF501-E815-4230-936C-AC2A9E1A52C5}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{9CBEC4A4-7426-4DBA-A450-1D9676EACAFB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9D2F0F87-E33C-4C1D-8D98-40A5BD7278D7}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{9E1C268E-A8D2-46CE-8D43-6934783C726D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E624F29-3D58-4D9E-BB1A-805C6D245F50}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A04F869E-02A9-4F51-AF18-EB9D084459E3}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\extra1\bin\settlers6.exe |
"{A4DDE806-C4DC-4FF3-9617-E99707C4F9DB}" = protocol=17 | dir=in | app=c:\program files\ubisoft\die siedler - aufstieg eines königreichs\base\bin\settlers6.exe |
"{A9261D1B-75D5-4302-99C1-1B89F5060205}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A9E262E5-49A5-46CA-9DB4-F9055E1E3E77}" = protocol=17 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4low.exe |
"{AB11012B-7B4E-434B-910C-478E90E3A0C4}" = protocol=6 | dir=in | app=c:\program files\ubisoft\driver san francisco\driver.exe |
"{B74000BD-FD39-404B-ADE6-9F341AD8FC16}" = protocol=6 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4low.exe |
"{BDA0D984-D20E-4385-B68D-9EE61D1A8382}" = protocol=6 | dir=in | app=c:\counter-strike 1.6\hl.exe |
"{C118361E-9106-453E-BBE7-75856C130468}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2EFBBDD-1E9C-42B6-89E9-24BFE2A483C8}" = protocol=6 | dir=out | app=system |
"{CB31FDC1-AE74-4D30-922D-193F3A71FDB5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{CCAA818F-8E83-4551-B281-1520D238A95B}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{CF9CF456-C443-419B-846D-393734E58BFB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D984B500-3F74-4506-A3A9-66742B247354}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D9898762-2706-4A07-B9F2-DA7B2855589D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0A7EC69-15E3-48C4-B7E6-B0CEE0D5E8D7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E77FE762-7A38-4A70-B458-3DAAE7E58F3C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion\cities in motion.exe |
"{EB0D3415-445E-4AE2-BD16-FD2D3C4EDC49}" = protocol=17 | dir=in | app=c:\counter-strike 1.6\hl.exe |
"{EB648821-1A90-41FE-9030-C1060024B370}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ECDB0F0D-052B-4A10-B833-6C780CF74753}" = protocol=6 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe |
"{FC9B57F6-CF9E-47EE-A3BE-5AFBABDBAC87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{080E2EAB-40AF-4565-A2DB-A3E6F3931665}C:\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\counter-strike 1.6\hl.exe |
"TCP Query User{2BAFD815-A7EE-46C7-B5B3-5287CC285EC6}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{387612D5-028F-4CA8-94F0-B3B35959A776}C:\program files\activision\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"TCP Query User{4C261302-734C-48AF-B777-39CF29B4FB9F}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{72E6064B-6645-4624-BB7D-899062A67CA4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{8EB86A59-8B4D-4C7C-AE87-702B23257987}C:\users\alexander\documents\cracks\cobra 11\c11 verzeichnis\crashtime4hi.exe" = protocol=6 | dir=in | app=c:\users\alexander\documents\cracks\cobra 11\c11 verzeichnis\crashtime4hi.exe |
"TCP Query User{959EC069-EC8B-4066-86F9-3CD49D8FA1E2}C:\program files\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=6 | dir=in | app=c:\program files\dead island riptide\deadislandgame_x86_rwdi.exe |
"TCP Query User{965DCD95-E7D4-48DA-AF3F-ED8540DAEF04}C:\program files\left4dead2 aviara\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left4dead2 aviara\left4dead2.exe |
"TCP Query User{9DB1ADC7-5AB4-4326-83DE-EF860373ECE0}C:\program files\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
"TCP Query User{A704E837-AF7E-40B7-9733-C578BC10C10F}C:\program files\sixteen tons entertainment\emergency 4\em4.exe" = protocol=6 | dir=in | app=c:\program files\sixteen tons entertainment\emergency 4\em4.exe |
"TCP Query User{CA5045EC-7586-4A95-BA06-FDAF69472F0B}K:\xampplite\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=k:\xampplite\mysql\bin\mysqld.exe |
"TCP Query User{D5754C1F-D384-40FE-819E-70166E4364DF}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{DA233AC3-8CFD-4DA8-A58E-7D2DDD4A716A}C:\program files\origin games\need for speed(tm) most wanted\nfs13.exe" = protocol=6 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"TCP Query User{E3B6071B-E5F7-440E-9DB8-6B11B1CD6CA7}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FFF5B9DC-ADCE-4E2B-A600-6A80434B090C}K:\xampplite\apache\bin\apache.exe" = protocol=6 | dir=in | app=k:\xampplite\apache\bin\apache.exe |
"UDP Query User{0798195D-1746-450C-B7B3-6CED4804FAFB}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{18E12150-6B09-4571-A3B8-12CA0BABBFA1}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{21783F87-EDC9-42F6-B939-E5874F3877E1}K:\xampplite\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=k:\xampplite\mysql\bin\mysqld.exe |
"UDP Query User{23A5F6CD-429C-4592-9FE4-48204095E619}C:\users\alexander\documents\cracks\cobra 11\c11 verzeichnis\crashtime4hi.exe" = protocol=17 | dir=in | app=c:\users\alexander\documents\cracks\cobra 11\c11 verzeichnis\crashtime4hi.exe |
"UDP Query User{24283E3D-BD84-4307-A89B-C1AC054BC4D1}C:\program files\left4dead2 aviara\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left4dead2 aviara\left4dead2.exe |
"UDP Query User{4CA600DC-1DA3-4BEA-8F48-1FD755073D37}C:\program files\origin games\need for speed(tm) most wanted\nfs13.exe" = protocol=17 | dir=in | app=c:\program files\origin games\need for speed(tm) most wanted\nfs13.exe |
"UDP Query User{531B96E6-BFFE-4FC7-BF9B-8BB4DE61358B}K:\xampplite\apache\bin\apache.exe" = protocol=17 | dir=in | app=k:\xampplite\apache\bin\apache.exe |
"UDP Query User{59D35323-9FF6-451E-97B7-5A4A08E81757}C:\program files\sixteen tons entertainment\emergency 4\em4.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\emergency 4\em4.exe |
"UDP Query User{6402BA83-CF91-4A10-BB63-0D34E52EA197}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{72D8DA8B-46FE-4735-A7EB-70CAD3BA0C75}C:\program files\activision\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"UDP Query User{75BB62D7-A9D3-48DF-A7FC-286D9D34C5AE}C:\program files\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=17 | dir=in | app=c:\program files\dead island riptide\deadislandgame_x86_rwdi.exe |
"UDP Query User{7D4082BB-4400-4C40-9869-64DBF522D79D}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{8B1F3932-CD79-493A-8177-F288B6EDF556}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{8C525059-7814-4159-98EF-13D82A904B98}C:\program files\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe" = protocol=17 | dir=in | app=c:\program files\sixteen tons entertainment\emergency 4 deluxe\em4deluxe.exe |
"UDP Query User{C29CA007-41ED-44F2-A16B-5459C58FBAEF}C:\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\counter-strike 1.6\hl.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = Die Sims™ 3 Diesel Accessoires
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{235493EC-B417-48E1-8445-49060A654EAE}" = TG-MOD
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = Die Sims™ 3 Jahreszeiten
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}" = Rome - Total War(TM)
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E65796E-62E4-4EF7-9E1E-AADB7E0371CB}" = Eisenbahn.exe Professional 5.0 Premium
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{55DAC754-01F4-4EF8-9E23-6A1847862FBD}_is1" = Winterberg Configurator Version WEM Confi 8.5
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10
"{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1" = Thief 3 Sneaky Upgrade version 1.1.2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}" = Emergency 4
"{832f4b60-3f6a-4f64-a88e-adf7588d80af}.sdb" = Thief 3 Sneaky Upgrade SDB
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.051
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99BEB67F-2352-BAC2-BAB2-23F5A52FA1AE}_is1" = SWAT4 Server Browser Alternative v1.21
"{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1" = Universal AntiCheat 3 v1.076
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}" = Rome Total War - patch 1.3
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}" = RuneScape Launcher 1.2.2
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4494248-6D52-4674-B8CF-9177EA3F92F8}" = HTC Sync
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4E25446-4162-44B8-821D-739B3ED9B130}" = Internet Turbo
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte)
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A64E20-EDA4-4B93-9176-FD3B4C7B085F}" = Transport Giant: Down Under
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EDA12670-56B5-4459-BA21-D010F0E3EBA1}" = Emergency 4 Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Wegberg-Modifikation-6-0}_is1" = Feuer- und Notfallsimulation Wegberg Version 6.0
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alarm für Cobra 11 - Das Syndikat_is1" = Alarm für Cobra 11 - Das Syndikat
"Alarm für Cobra 11 - Undercover Demo_is1" = Alarm für Cobra 11 - Undercover Demo
"BS2012StudioFahrplaneditor_is1" = BS2012 Studio Fahrplaneditor
"Bus-Simulator 2012_is1" = Bus-Simulator 2012
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DarthMod Rome" = DarthMod Rome
"D-Fend Reloaded" = D-Fend Reloaded 1.3.3 (deinstallieren)
"Driver San Francisco" = Driver San Francisco
"ERSBerlin2BetaGER_is1" = ERS Berlin 2 Beta
"Foxit Reader_is1" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"GameSpy Arcade" = GameSpy Arcade
"GameTracker Lite" = GameTracker Lite
"German Truck Simulator" = German Truck Simulator 1.00
"GIMP-2_is1" = GIMP 2.8.0
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}" = Microsoft Flight Simulator X
"LingoPad_is1" = LingoPad 2.5.1 (Build 325)
"Mark's Mod v13" = Mark's Mod v13
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Minecraft 1.4.5" = Minecraft 1.4.5
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1" = Dead Island Riptide (c) Deep Silver version 1
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"S2TNG" = Die Siedler II - Die nächste Generation
"S4Uninst" = Die Siedler IV
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"SARDU" = SARDU 2.0.6.5
"Swat Downloader2.4" = Swat Downloader
"Sweet Home 3D_is1" = Sweet Home 3D version 3.6
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"uTorrent" = µTorrent
"vfd-ob" = VideoFileDownload
"videosaver@videosaver.net" = VideoSaver
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"ZMBV" = Zip Motion Block Video codec (Remove Only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MMA Client" = MMA Client
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.07.2013 04:54:04 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 14.07.2013 04:54:48 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\astragon\bus-simulator
2012\bin_high_win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 14.07.2013 04:58:40 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\HTC\htc
sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.07.2013 04:47:22 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: transportgiant.exe, Version: 2.1.0.0,
Zeitstempel: 0x4180e0eb Name des fehlerhaften Moduls: transportgiant.exe, Version:
2.1.0.0, Zeitstempel: 0x4180e0eb Ausnahmecode: 0xc0000005 Fehleroffset: 0x000e2d58
ID
des fehlerhaften Prozesses: 0x7e8 Startzeit der fehlerhaften Anwendung: 0x01ce8134b2f6916e
Pfad
der fehlerhaften Anwendung: C:\Program Files\Transport Giant\transportgiant.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Transport Giant\transportgiant.exe Berichtskennung:
29bc058c-ed2b-11e2-98e6-20cf30e46a17
Error - 15.07.2013 15:10:53 | Computer Name = Alexander-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SWAT4.exe, Version: 1.0.31973.0,
Zeitstempel: 0x42167d74 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x2415ffdb ID des fehlerhaften
Prozesses: 0x1248 Startzeit der fehlerhaften Anwendung: 0x01ce818aa7f14712 Pfad der
fehlerhaften Anwendung: C:\Program Files\Sierra\SWAT 4\Content\System\SWAT4.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 446eb70d-ed82-11e2-a556-16ed4c8c0df9
Error - 16.07.2013 07:30:12 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.07.2013 07:31:04 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\astragon\bus-simulator
2012\bin_high_win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.07.2013 07:35:19 | Computer Name = Alexander-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\HTC\htc
sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.07.2013 04:23:46 | Computer Name = Alexander-PC | Source = VSS | ID = 8194
Description =
Error - 18.07.2013 05:04:24 | Computer Name = Alexander-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12e8 Startzeit:
01ce8394d5a8f5fa Endzeit: 5 Anwendungspfad: C:\Users\Alexander\Downloads\OTL.exe Berichts-ID:
[ System Events ]
Error - 17.07.2013 04:21:45 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error - 17.07.2013 08:00:37 | Computer Name = Alexander-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 17.07.2013 08:01:20 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 17.07.2013 08:01:20 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 17.07.2013 08:01:34 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error - 17.07.2013 08:18:00 | Computer Name = Alexander-PC | Source = DCOM | ID = 10010
Description =
Error - 18.07.2013 04:16:23 | Computer Name = Alexander-PC | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 18.07.2013 04:16:48 | Computer Name = Alexander-PC | Source = Application Popup | ID = 875
Description = Treiber atksgt.sys konnte nicht geladen werden.
Error - 18.07.2013 04:16:48 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error - 18.07.2013 04:16:55 | Computer Name = Alexander-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
< End of report >
|
| Themen zu Internetprobleme und viele andere kleine Dinge |
| 7-zip, application/pdf:, bho, converter, error, euro, fehler, firefox, flash player, google, grand theft auto, helper, hängen, install.exe, langsam, logfile, mozilla, mp3, object, plug-in, popup, realtek, registry, security, sekunden, senden, sierra, software, svchost.exe, teamspeak, win64, windows |
Baum-Darstellung