Pests of all kinds and how to combat them: Win7 - Frozen highlighted buttons, background processes
Windows 7
Win7 - Frozen highlighted buttons, background processes

Hello! I recently made the mistake of installing Azureus and seem to have picked up quite a few things. What made me notice that something was wrong was the following: Sometimes highlighted buttons freeze after being executed. Here, Photoshop "Videoframes in Ebenen...". But it also happens in many other programs. Updating the graphics card did not help. In addition, I saw some processes in Task Manager that I could not identify.

Here are the files from the guide:

1. defogger_disable: No errors
2a. OTL.txt: Code:
ATTFilter OTL logfile created on: 22.07.2013 20:18:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MajorVegi\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 16,00 Gb Total Physical Memory | 13,70 Gb Available Physical Memory | 85,63% Memory free 31,99 Gb Paging File | 29,47 Gb Available in Paging File | 92,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 59,95 Gb Free Space | 40,25% Space Free | Partition Type: NTFS Drive E: | 465,75 Gb Total Space | 326,96 Gb Free Space | 70,20% Space Free | Partition Type: NTFS Drive F: | 465,75 Gb Total Space | 339,49 Gb Free Space | 72,89% Space Free | Partition Type: NTFS Computer Name: MARTIN | User Name: MajorVegi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.22 20:18:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MajorVegi\Downloads\OTL.exe PRC - [2013.07.08 06:26:34 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.06.01 09:22:32 | 000,032,884 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0770Mon.exe PRC - [2011.09.15 10:15:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2011.07.11 23:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2006.10.22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe ========== Modules (No Company Name) ========== MOD - [2013.07.22 18:57:44 | 000,204,800 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\winamp.lng MOD - [2013.07.22 18:57:44 | 000,155,648 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\vis_milk2.lng MOD - [2013.07.22 18:57:44 | 000,088,064 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\vis_avs.lng MOD - [2013.07.22 18:57:44 | 000,039,424 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_wifi.lng MOD - [2013.07.22 18:57:44 | 000,036,864 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_ipod.lng MOD - [2013.07.22 18:57:44 | 000,036,352 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ombrowser.lng MOD - [2013.07.22 18:57:44 | 000,020,480 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_android.lng MOD - [2013.07.22 18:57:44 | 000,016,384 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\out_ds.lng MOD - [2013.07.22 18:57:44 | 000,014,848 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_wire.lng MOD - [2013.07.22 18:57:44 | 000,011,776 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_usb.lng MOD - [2013.07.22 18:57:44 | 000,008,192 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_transcode.lng MOD - [2013.07.22 18:57:44 | 000,007,680 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\vis_nsfs.lng MOD - [2013.07.22 18:57:44 | 000,007,680 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\out_wave.lng MOD - [2013.07.22 18:57:44 | 000,006,144 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\tagz.lng MOD - [2013.07.22 18:57:44 | 000,006,144 | ---- | M] () -- 
C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\out_disk.lng MOD - [2013.07.22 18:57:44 | 000,005,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_rg.lng MOD - [2013.07.22 18:57:44 | 000,004,608 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_activesync.lng MOD - [2013.07.22 18:57:44 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\winampa.lng MOD - [2013.07.22 18:57:44 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_p4s.lng MOD - [2013.07.22 18:57:44 | 000,003,584 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\pmp_njb.lng MOD - [2013.07.22 18:57:44 | 000,003,072 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\playlist.lng MOD - [2013.07.22 18:57:43 | 000,056,320 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_local.lng MOD - [2013.07.22 18:57:43 | 000,047,616 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_disc.lng MOD - [2013.07.22 18:57:43 | 000,047,104 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_pmp.lng MOD - [2013.07.22 18:57:43 | 000,034,816 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_plg.lng MOD - [2013.07.22 18:57:43 | 000,023,040 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_mp3.lng MOD - [2013.07.22 18:57:43 | 000,020,480 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_midi.lng MOD - [2013.07.22 18:57:43 | 000,018,944 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_mod.lng MOD - [2013.07.22 18:57:43 | 000,015,360 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_wm.lng MOD - [2013.07.22 18:57:43 | 000,014,336 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_online.lng MOD - [2013.07.22 18:57:43 | 000,012,800 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_playlists.lng MOD - 
[2013.07.22 18:57:43 | 000,011,776 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_nsv.lng MOD - [2013.07.22 18:57:43 | 000,011,264 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_vorbis.lng MOD - [2013.07.22 18:57:43 | 000,009,728 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_downloads.lng MOD - [2013.07.22 18:57:43 | 000,008,704 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_history.lng MOD - [2013.07.22 18:57:43 | 000,008,704 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_devices.lng MOD - [2013.07.22 18:57:43 | 000,006,656 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_autotag.lng MOD - [2013.07.22 18:57:43 | 000,006,656 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_wav.lng MOD - [2013.07.22 18:57:43 | 000,005,632 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_wave.lng MOD - [2013.07.22 18:57:43 | 000,005,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_impex.lng MOD - [2013.07.22 18:57:43 | 000,005,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_bookmarks.lng MOD - [2013.07.22 18:57:43 | 000,005,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_mp4.lng MOD - [2013.07.22 18:57:43 | 000,004,608 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_enqplay.lng MOD - [2013.07.22 18:57:43 | 000,004,608 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_wv.lng MOD - [2013.07.22 18:57:43 | 000,004,608 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_mkv.lng MOD - [2013.07.22 18:57:43 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_orb.lng MOD - [2013.07.22 18:57:43 | 000,003,584 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_nowplaying.lng MOD - [2013.07.22 18:57:43 | 000,003,584 | ---- | M] () -- 
C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\ml_addons.lng MOD - [2013.07.22 18:57:43 | 000,003,584 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_swf.lng MOD - [2013.07.22 18:57:43 | 000,003,584 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_linein.lng MOD - [2013.07.22 18:57:43 | 000,003,584 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_flv.lng MOD - [2013.07.22 18:57:42 | 000,041,984 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_jumpex.lng MOD - [2013.07.22 18:57:42 | 000,023,552 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_classicart.lng MOD - [2013.07.22 18:57:42 | 000,023,040 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_ff.lng MOD - [2013.07.22 18:57:42 | 000,021,504 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_ml.lng MOD - [2013.07.22 18:57:42 | 000,014,336 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_cdda.lng MOD - [2013.07.22 18:57:42 | 000,011,776 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_skinmanager.lng MOD - [2013.07.22 18:57:42 | 000,011,264 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_hotkeys.lng MOD - [2013.07.22 18:57:42 | 000,010,752 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_undo.lng MOD - [2013.07.22 18:57:42 | 000,010,240 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_timerestore.lng MOD - [2013.07.22 18:57:42 | 000,009,216 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_nopro.lng MOD - [2013.07.22 18:57:42 | 000,008,192 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_tray.lng MOD - [2013.07.22 18:57:42 | 000,007,168 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_orgler.lng MOD - [2013.07.22 18:57:42 | 000,007,168 | ---- | M] () -- 
C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_crasher.lng MOD - [2013.07.22 18:57:42 | 000,006,656 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_dshow.lng MOD - [2013.07.22 18:57:42 | 000,006,144 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_wma.lng MOD - [2013.07.22 18:57:42 | 000,005,632 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_flac.lng MOD - [2013.07.22 18:57:42 | 000,005,632 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_lame.lng MOD - [2013.07.22 18:57:42 | 000,005,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\in_avi.lng MOD - [2013.07.22 18:57:42 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\gen_find_on_disk.lng MOD - [2013.07.22 18:57:42 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_wav.lng MOD - [2013.07.22 18:57:42 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_vorbis.lng MOD - [2013.07.22 18:57:42 | 000,004,096 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_flac.lng MOD - [2013.07.22 18:57:41 | 000,069,120 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\burnlib.lng MOD - [2013.07.22 18:57:41 | 000,013,824 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\dsp_sps.lng MOD - [2013.07.22 18:57:41 | 000,010,752 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\auth.lng MOD - [2013.07.22 18:57:41 | 000,006,656 | ---- | M] () -- C:\Users\MAJORV~1\AppData\Local\Temp\WLZ21D2.tmp\enc_fhgaac.lng MOD - [2013.07.08 06:26:16 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.09.14 22:43:35 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll MOD - [2011.09.14 22:43:34 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s MOD - [2011.09.14 22:43:34 | 000,103,936 | ---- | 
M] () -- C:\Program Files (x86)\Winamp\System\png.w5s MOD - [2011.09.14 22:43:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s MOD - [2011.09.14 22:43:34 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s MOD - [2011.09.14 22:43:34 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll MOD - [2011.09.14 22:43:34 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s MOD - [2011.09.14 22:43:34 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s MOD - [2011.09.14 22:43:34 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s MOD - [2011.09.14 22:43:33 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s MOD - [2011.09.14 22:43:33 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s MOD - [2011.09.14 22:43:33 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s MOD - [2011.09.14 22:43:33 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s MOD - [2011.09.14 22:43:33 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s MOD - [2011.09.14 22:43:33 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s MOD - [2011.09.14 22:43:33 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s MOD - [2011.09.14 22:43:33 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s MOD - [2011.09.14 22:43:33 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s MOD - [2011.09.14 22:43:32 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll MOD - [2011.09.14 22:43:32 | 000,113,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll MOD - [2011.09.14 22:43:32 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll MOD - [2011.09.14 
22:43:31 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll MOD - [2011.09.14 22:43:31 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll MOD - [2011.09.14 22:43:31 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll MOD - [2011.09.14 22:43:31 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll MOD - [2011.09.14 22:43:30 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll MOD - [2011.09.14 22:43:30 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll MOD - [2011.09.14 22:43:29 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll MOD - [2011.09.14 22:43:29 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll MOD - [2011.09.14 22:43:29 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll MOD - [2011.09.14 22:43:29 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll MOD - [2011.09.14 22:43:29 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll MOD - [2011.09.14 22:43:29 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll MOD - [2011.09.14 22:43:28 | 000,293,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll MOD - [2011.09.14 22:43:28 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll MOD - [2011.09.14 22:43:28 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll MOD - [2011.09.14 22:43:28 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll MOD - [2011.09.14 22:43:27 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll MOD - [2011.09.14 22:43:27 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll MOD - [2011.09.14 22:43:27 | 
000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll MOD - [2011.09.14 22:43:27 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll MOD - [2011.09.14 22:43:26 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll MOD - [2011.09.14 22:43:26 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll MOD - [2011.09.14 22:43:26 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll MOD - [2011.09.14 22:43:26 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll MOD - [2011.09.14 22:43:26 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll MOD - [2011.09.14 22:43:26 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll MOD - [2011.09.14 22:43:26 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll MOD - [2011.09.14 22:43:26 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll MOD - [2011.09.14 22:43:26 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll MOD - [2011.09.14 22:43:25 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll MOD - [2011.09.14 22:43:25 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll MOD - [2011.09.14 22:43:25 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll MOD - [2011.09.14 22:43:25 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll MOD - [2011.09.14 22:43:25 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll MOD - [2011.09.14 22:43:25 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll MOD - [2011.09.14 22:43:25 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll MOD - [2011.09.14 22:43:25 | 000,025,600 | ---- | M] () -- 
C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll MOD - [2011.09.14 22:43:25 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll MOD - [2011.09.14 22:43:24 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll MOD - [2011.09.14 22:43:24 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll MOD - [2011.09.14 22:43:24 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll MOD - [2011.09.14 22:43:24 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll MOD - [2011.09.14 22:43:23 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll MOD - [2011.09.14 22:43:23 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2013.03.28 22:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) 
[Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.07.08 06:26:34 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2011.09.15 10:15:37 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.10.21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV - [2010.10.21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) 
[Auto | Running] -- C:\Programme\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.18 13:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple) DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.05 06:57:49 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam) DRV:64bit: - [2012.06.01 09:32:38 | 000,379,776 | ---- | M] (Creative 
Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\V0770Vid.sys -- (V0770Vid) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2011.07.06 12:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2011.06.01 05:16:50 | 000,535,656 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:64bit: - [2010.10.05 13:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:64bit: - [2010.10.05 13:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.08.21 10:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 44 C1 52 32 7F CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/" FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0 FF - prefs.js..extensions.enabledAddons: gmailwatcher%40sonthakit:1.61 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.10 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\MajorVegi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\MajorVegi\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.08 06:26:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.08 06:26:11 | 000,000,000 | ---D | M]
[2011.09.14 21:21:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\Extensions
[2013.07.22 19:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\Firefox\Profiles\cqlvx6qh.default\extensions
[2013.03.25 07:44:57 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\Firefox\Profiles\cqlvx6qh.default\extensions\en-US@dictionaries.addons.mozilla.org
[2013.03.25 07:44:57 | 000,226,606 | ---- | M] () (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\firefox\profiles\cqlvx6qh.default\extensions\gmailwatcher@sonthakit.xpi
[2013.01.02 18:26:54 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\firefox\profiles\cqlvx6qh.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.07.22 19:52:50 | 000,818,491 | ---- | M] () (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\firefox\profiles\cqlvx6qh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.12 17:26:20 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\MajorVegi\AppData\Roaming\mozilla\firefox\profiles\cqlvx6qh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.07.11 21:54:34 | 000,006,507 | ---- | M] () -- C:\Users\MajorVegi\AppData\Roaming\mozilla\firefox\profiles\cqlvx6qh.default\searchplugins\babylon.xml
[2013.07.08 06:26:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.07.08 06:26:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.08 06:26:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.07.08 06:26:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.07.08 06:26:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.07.08 06:26:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.08 06:26:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=5CCE1C6F65BD5D67&affID=119357&tsp=4940
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\MajorVegi\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\MajorVegi\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\MajorVegi\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Google Update (Enabled) = C:\Users\MajorVegi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: After the Deadline = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdjadjbdihbaodagojiomdljhjhjfho\1.2_0\
CHR - Extension: Deaktivierungs-Add-on von Google Analytics = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\1_0\
CHR - Extension: ProxMate - Improve your Internet! = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.8_0\
CHR - Extension: Google Mail = C:\Users\MajorVegi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.01.16 19:52:51 | 000,000,830 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [V0770Pin.dll] C:\Windows\SysNative\V0770Pin.dll (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [V0770Mon.exe] C:\Windows\V0770Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [F.lux] C:\Users\MajorVegi\Local Settings\Apps\F.lux\flux.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70FC9910-C41D-4421-A5CA-45A48FAFCB6D}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4f1f2b68-e741-11e0-8eda-1c6f65bd5d67}\Shell - "" = AutoRun
O33 - MountPoints2\{4f1f2b68-e741-11e0-8eda-1c6f65bd5d67}\Shell\AutoRun\command - "" = K:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.07.21 22:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.07.21 22:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.07.21 22:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.07.21 10:20:50 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\AppData\Roaming\Wise Registry Cleaner
[2013.07.21 10:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.07.21 10:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.07.18 23:43:46 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\AppData\Roaming\Unity
[2013.07.18 23:08:35 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\AppData\Local\Unity
[2013.07.14 15:09:12 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\AppData\Roaming\Creative
[2013.07.11 21:54:44 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\JDownloader
[2013.07.11 21:20:11 | 000,000,000 | ---D | C] -- C:\Users\MajorVegi\Documents\Vuze Downloads
[2013.07.08 06:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.30 13:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.27 21:46:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2013.06.27 21:45:14 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1

========== Files - Modified Within 30 Days ==========

[2013.07.22 20:17:13 | 000,000,000 | ---- | M] () -- C:\Users\MajorVegi\defogger_reenable
[2013.07.22 20:12:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-145833288-3684113049-1461127088-1000UA.job
[2013.07.22 18:54:30 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.22 18:54:30 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.22 18:46:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.22 18:46:48 | 4293,042,174 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.21 14:23:17 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.21 14:23:17 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.21 14:23:17 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.21 14:23:17 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.21 14:23:17 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.21 10:20:22 | 000,001,227 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.07.21 09:12:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-145833288-3684113049-1461127088-1000Core.job
[2013.07.11 21:12:54 | 000,000,000 | ---- | M] () -- C:\END
[2013.07.11 17:23:28 | 000,166,984 | ---- | M] () -- C:\Users\MajorVegi\Desktop\943165_164179803753487_410499378_n.png
[2013.07.11 17:12:01 | 000,313,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.27 21:45:14 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.25 22:15:17 | 000,000,991 | ---- | M] () -- C:\Users\MajorVegi\Desktop\Dropbox.lnk
[2013.06.22 23:17:49 | 000,002,787 | ---- | M] () -- C:\Users\MajorVegi\.recently-used.xbel

========== Files Created - No Company Name ==========

[2013.07.22 20:17:13 | 000,000,000 | ---- | C] () -- C:\Users\MajorVegi\defogger_reenable
[2013.07.21 10:20:22 | 000,001,227 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.07.11 21:12:54 | 000,000,000 | ---- | C] () -- C:\END
[2013.07.11 17:23:25 | 000,166,984 | ---- | C] () -- C:\Users\MajorVegi\Desktop\943165_164179803753487_410499378_n.png
[2013.06.27 21:45:14 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.22 23:17:49 | 000,002,787 | ---- | C] () -- C:\Users\MajorVegi\.recently-used.xbel
[2013.05.23 18:08:06 | 000,000,408 | ---- | C] () -- C:\Users\MajorVegi\AppData\Roaming\CamShapes.ini
[2013.05.23 18:08:06 | 000,000,408 | ---- | C] () -- C:\Users\MajorVegi\AppData\Roaming\CamLayout.ini
[2013.05.23 18:08:06 | 000,000,096 | ---- | C] () -- C:\Users\MajorVegi\AppData\Roaming\Camdata.ini
[2013.05.23 18:07:24 | 000,004,519 | ---- | C] () -- C:\Users\MajorVegi\AppData\Roaming\CamStudio.cfg
[2013.05.13 19:51:13 | 000,000,600 | ---- | C] () -- C:\Users\MajorVegi\AppData\Local\PUTTY.RND
[2013.04.13 13:26:32 | 000,188,416 | RHS- | C] () -- C:\Windows\SysWow64\winDCE32.dll
[2013.04.13 13:26:32 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.02.18 22:53:13 | 000,000,038 | -HS- | C] () -- C:\Windows\camcodec100.ini
[2013.02.18 22:53:13 | 000,000,028 | -HS- | C] () -- C:\Windows\lagarith.ini
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.19 00:00:34 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.13 12:16:18 | 000,006,656 | ---- | C] () -- C:\Users\MajorVegi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.14 21:52:50 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.14 21:28:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.07.20 18:02:04 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\.minecraft
[2012.10.28 20:11:06 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Audacity
[2011.11.05 11:22:15 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Autodesk
[2013.07.21 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\avidemux
[2013.07.11 21:33:02 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Azureus
[2012.02.18 23:57:59 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Babylon
[2012.09.22 11:09:36 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Bioshock
[2013.02.10 22:23:29 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Bioshock2
[2012.12.05 18:25:17 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\DAEMON Tools Lite
[2011.09.25 09:22:54 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\DAEMON Tools Pro
[2013.07.10 18:29:36 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Dropbox
[2011.10.30 23:46:40 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\EPSON
[2013.05.28 21:05:29 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\FileZilla
[2013.02.10 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\fltk.org
[2013.06.22 23:17:49 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\gtk-2.0
[2012.04.04 06:47:35 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\IrfanView
[2012.11.02 22:16:31 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Notepad++
[2012.02.04 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\OpenOffice.org
[2012.01.07 14:09:40 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\RSBasic
[2012.10.10 18:31:47 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Scribus
[2013.07.18 23:43:46 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Unity
[2013.07.21 10:27:11 | 000,000,000 | ---D | M] -- C:\Users\MajorVegi\AppData\Roaming\Wise Registry Cleaner

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 22.07.2013 20:18:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MajorVegi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

16,00 Gb Total Physical Memory | 13,70 Gb Available Physical Memory | 85,63% Memory free
31,99 Gb Paging File | 29,47 Gb Available in Paging File | 92,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 148,95 Gb Total Space | 59,95 Gb Free Space | 40,25% Space Free | Partition Type: NTFS
Drive E: | 465,75 Gb Total Space | 326,96 Gb Free Space | 70,20% Space Free | Partition Type: NTFS
Drive F: | 465,75 Gb Total Space | 339,49 Gb Free Space | 72,89% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: MajorVegi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011C2EEE-0F44-4AC8-AAEE-24EC4A53A6A6}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\element4l\element4l.exe |
"{01A658B1-2735-4512-8310-D7817400AEF2}" = protocol=17 | dir=in | app=c:\users\majorvegi\appdata\roaming\dropbox\bin\dropbox.exe |
"{04961E51-6380-4055-86A5-813450AB12A7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{15E8BEE9-ACD9-4274-8C7A-15B8D4EBAFB7}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{1CD49DB9-B726-4D27-8415-56BD07A39D88}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{28A0DC32-754C-470E-B195-48913F479787}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{2BF66DE9-1C7E-4812-B493-7CAEC4DEC6EE}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{31CE079D-3060-46B5-BE57-D82F185748D9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3A5170F8-53BE-437F-B203-1DBB71C913D0}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\game_launcher.exe |
"{53CBFFD0-0B50-4BA5-BD6B-4803848FDE84}" = protocol=6 | dir=in | app=c:\program files (x86)\wb games\batman arkham city\binaries\win32\batmanac.exe |
"{66CE4E49-14BF-4454-BCE4-D81D74369B86}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{988D16F8-F941-4AB0-AFE6-0D34FE77FB3A}" = protocol=17 | dir=in | app=c:\program files (x86)\wb games\batman arkham city\binaries\win32\batmanac.exe |
"{9B9FD80D-845B-43E6-B3B5-D763653FDB6D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{9D2BB27F-B297-43D2-95F9-CB3273A51251}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{9F7155CB-6AFE-4400-8270-02C30A2AA6E2}" = protocol=6 | dir=in | app=c:\users\majorvegi\appdata\roaming\dropbox\bin\dropbox.exe |
"{B7197F45-C00C-49D9-9A3B-6C44D38D6688}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{BEA4575D-55D8-41D1-AFEF-F256AB2D604D}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{C177FB3D-E686-4C1C-AB3B-9E307C4DA3FE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\game_launcher.exe |
"{CE52F179-7E95-4A74-8038-E00EBCBAC083}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\element4l\element4l.exe |
"{D13301C1-8047-4C0E-9C3D-C8C3E799BE18}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{D92FE1DB-4B5A-4478-AF54-B854FDA0A281}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\mp\builds\binaries\bioshock2launcher.exe |
"{DA6E9C85-6740-4E31-860E-53F7020849FA}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{F1122040-8B1C-4B5B-9F1A-F9385327B7EC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock 2\sp\builds\binaries\bioshock2launcher.exe |
"{F46ABB83-6B3E-498F-876D-D2B7F217ED9E}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{F9A304BA-3B80-4F3C-8FEF-1B8F43045C36}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{FA7C2F76-7123-42AE-ADBC-1FC8B01F13B2}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"TCP Query User{031758FE-C723-433A-AADA-B957B12C735E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{72AAD39D-8F15-4CCD-B28C-3F25924F676F}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{0CB673BA-C1A4-4FF7-8758-F7247CA7FD75}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{6EA2D15A-DC31-4CB9-807C-7156FBAE0B66}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55B348BE-A3BE-9AE7-58BD-BE45B9A28F82}" = AMD Media Foundation Decoders
"{5B73E1AA-CA9D-E76A-2F2D-E0EFB41CE087}" = AMD Accelerated Video Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{C8807716-1F6F-5C43-3C32-7295A45CF060}" = AMD Catalyst Install Manager
"{CC1FE395-D90F-712C-E013-EBDCC30433B1}" = AMD Fuel
"{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E54A949B-C4AE-28B6-EC97-FCB9E402D338}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Creative VF0770" = Live! Cam Sync HD VF0770 Driver (1.00.02.00)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Pen Tablet Driver" = Bamboo
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0300BFF4-33A2-4DFB-979D-79AE9D324E81}" = Minutor
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11F2C5EC-35AA-7237-B62B-A4F041859C2A}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{229EDE35-4677-BDE6-70ED-A5A4C711DDC3}" = CCC Help Norwegian
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2470F2F2-8491-5A0B-B8F5-8B72A8D74597}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27B56E28-94B2-BDF8-D209-EC8D2FF4838E}" = Catalyst Control Center Graphics Previews Common
"{33D4FA83-02C0-93B3-08ED-5D7378930CFA}" = CCC Help Turkish
"{37D0F3C2-8FFD-134D-FBDF-2D711E169D78}" = AMD VISION Engine Control Center
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{42FECCEF-63CD-DF98-D6BC-DDBB27E4A580}" = CCC Help Japanese
"{46594DA4-2D0A-B2D4-C0E0-A5CCA3260025}" = CCC Help Hungarian
"{485B8152-C59F-8569-15BC-46BDA2A1E4A9}" = CCC Help Polish
"{490F47E6-585C-531A-1BF8-4DE44ED9AED7}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{50F87176-7DB3-4C75-D9DC-25CB4561D0F8}" = CCC Help Danish
"{52E706AA-B4E9-423A-1651-62E61E06DF9A}" = CCC Help Greek
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{5FB51C12-62AE-0990-E419-C6F62B776E5C}" = CCC Help Portuguese
"{66B46617-A156-F25B-3CC0-5E46343AEA95}" = CCC Help Thai
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81543139-18AE-703B-D3B1-F6B3A0CB2EAC}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1" = SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013.
"{8FA20FAC-719F-7CCD-5790-6B59D691C370}" = CCC Help Chinese Traditional
"{940B28E7-320B-5AC8-0A8A-32D6A7B404A1}" = CCC Help Swedish
"{99C382AB-CA1D-8577-66D3-AA850DB5FD00}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A68C4D16-8046-5333-CB64-5E622C795785}" = CCC Help Dutch
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE0B654E-FC60-40AE-F60B-06526508B5FD}" = CCC Help Italian
"{BE0E1491-B2DC-6447-217C-342D8F7100EA}" = CCC Help Czech
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C5EADF55-3B49-B545-E16F-402B443DDC77}" = CCC Help German
"{CBDFF724-E925-2964-E647-0A83D2F9165C}" = CCC Help French
"{D5341564-7B93-ADAC-E737-C24AA85CC5FF}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3FB1E5A-1C24-D581-6BC8-6F8AC2D343AD}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E79BE5-20F5-82F4-6579-2A91AED3F066}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.7.0.1
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"GPL Ghostscript 9.05" = GPL Ghostscript
"IrfanView" = IrfanView (remove only)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Scribus 1.4.1" = Scribus 1.4.1
"Steam App 220780" = Thomas Was Alone
"Steam App 235820" = Element4l
"Steam App 55230" = Saints Row: The Third
"VLC media player" = VLC media player 2.0.7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.82

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Flux" = F.lux
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.06.2013 11:12:25 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 19.06.2013 23:51:18 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 20.06.2013 11:09:03 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 20.06.2013 23:50:47 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 21.06.2013 10:59:33 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 22.06.2013 02:43:18 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 23.06.2013 01:49:09 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 23.06.2013 10:09:52 | Computer Name = Martin | Source = MsiInstaller | ID = 11609
Description =

Error - 23.06.2013 23:48:12 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

Error - 24.06.2013 11:23:05 | Computer Name = Martin | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 28.06.2013 15:59:57 | Computer Name = Martin | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error - 09.07.2013 13:14:47 | Computer Name = Martin | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error - 09.07.2013 13:14:48 | Computer Name = Martin | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error - 09.07.2013 13:14:49 | Computer Name = Martin | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error - 11.07.2013 14:40:41 | Computer Name = Martin | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.

Error - 20.07.2013 15:05:39 | Computer Name = Martin | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error - 20.07.2013 15:05:39 | Computer Name = Martin | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error - 22.07.2013 11:16:09 | Computer Name = Martin | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 22.07.2013 12:40:07 | Computer Name = Martin | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 22.07.2013 12:47:07 | Computer Name = Martin | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

< End of report >

3. Gmer.txt: Unfortunately, I only get the message "gmer_2.1.19163.exe funktioniert nicht mehr". Even after a reboot.

Thanks in advance for reading! :) |