Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   cpu auslastung dauerhaft von 20-50% (https://www.trojaner-board.de/122866-cpu-auslastung-dauerhaft-20-50-a.html)

Kedoka 27.08.2012 16:52
cpu auslastung dauerhaft von 20-50%
 
also wie oben schon da steht ist meine cpuauslastung dauerhaft von 20-50% sobald ich nur den browser auf mache
ich hab mal einen scan mit dme escan durchgeführt und das ist das ergebniss


Datei C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll ist durch den Virus "Gen:Trojan.Heur.@x9@X6gmJYfi (DB)" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll ist durch den Virus "Gen:Trojan.Heur.@x9@X6gmJYfi (DB)" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Program Files (x86)\Avira\AntiVir Desktop\FAILSAFE\aeheur.dll ist durch den Virus "Gen:Trojan.Heur.@x9@X6gmJYfi (DB)" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\Users\Waldi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll ist durch den Virus "Gen:Trojan.Heur.P.@J4@fyt8kHbi (DB)" infiziert! Maßnahme ergriffen: Keine Maßnahme ergriffen.


weis jemand was man da am besten machen kann?

kira 29.08.2012 08:58
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du durch [X] oder Sternchen (*) ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Lade Dir Malwarebytes Anti-Malware Lade Dir Malwarebytes Anti-Malwarevon hier herunter
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

2.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner herunter
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

Kedoka 29.08.2012 19:08
hier ist schon mal der bericht von malware

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.08.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Waldi :: WALDI-PC [Administrator]

Schutz: Aktiviert

29.08.2012 18:45:57
mbam-log-2012-08-29 (18-45-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 379324
Laufzeit: 51 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Waldi\AppData\Roaming\WinSec.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
OTL Extras logfile created on: 29.08.2012 20:11:42 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Waldi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,25 Gb Available Physical Memory | 54,27% Memory free
11,98 Gb Paging File | 8,63 Gb Available in Paging File | 72,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 848,06 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,68% Space Free | Partition Type: NTFS
Drive E: | 281,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WALDI-PC | User Name: Waldi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C7899F0-C1F3-4F35-89D4-C4EA8784DA19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FD92A6C-7F84-484B-B33A-0146D1B3EC8B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20918FF3-E241-4039-8F1A-443A785637FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{23079347-62D8-419E-860D-BC1259CE1371}" = lport=137 | protocol=17 | dir=in | app=system |
"{29EE33D1-9845-406D-9325-0D085257BBA1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54100E21-7C40-4490-A751-EB28BE2314B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57867DDF-9C4A-440B-8E7B-061A597F6B0A}" = lport=139 | protocol=6 | dir=in | app=system |
"{5872B1C2-6A85-48A4-8A2F-BE976CF476D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{619C0959-B615-4FEF-98AF-91251FA4BBF2}" = lport=445 | protocol=6 | dir=in | app=system |
"{8186AB24-5B0E-4A56-A2A7-35E08D4627F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8900B1BE-9FCB-45B2-BB10-2854F510DF74}" = rport=137 | protocol=17 | dir=out | app=system |
"{96FAFA81-FE02-4A95-B707-7C87CC0878A6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9913FF2F-4699-48E7-8F33-9C49A04E2B17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9C940A2-A266-497B-8E28-E6735DDC54DE}" = lport=138 | protocol=17 | dir=in | app=system |
"{AB6EB448-2C5E-4AD3-A58B-2880C3DFF9AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE6A72BD-6633-4616-B5CE-19B8D3E80971}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DAA5F8CB-E8FF-481A-B9A9-5FD425A2B471}" = rport=445 | protocol=6 | dir=out | app=system |
"{E2A70828-9EC5-4ABF-BE88-41FE36A418BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E31AFB55-8EF5-4DE8-9829-A778598DC90D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EA4EB0F3-2A6D-46AA-A90A-2A3F29B7ECE9}" = rport=139 | protocol=6 | dir=out | app=system |
"{EACDEF34-0ED9-4394-8222-E244D78CE519}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE1FC19B-7268-4F2B-8394-C7DD9DD52BE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAD16C6B-1FE0-42A2-BC8F-7B8374BF3CEA}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0453E9F5-E577-4D24-99E9-EE0E023C5DCC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{118AA3C8-29EB-4F64-B600-9EBD839C49D9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{12725068-BBCA-4E80-A4E6-7BEC685B589D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{12FE4E93-E8DC-46EF-A244-B4296B842C06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{1DCB5CE3-E439-4A99-8349-30D72E7529FC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{1E4A08AB-62C8-4C20-BACB-B53B9561F258}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{230E2914-EA6A-448F-9ECB-2A2311C4CA5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{23B83A72-5DC7-4A45-A5C1-E785501991FD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2618DF3F-950C-4ADA-ABA1-1E4006F51FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aoldesktop.exe |
"{26FBAAC4-5243-409C-A0B4-98E0129FE1C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28207723-8FA8-46BD-A3E8-49C6AA6F460D}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{2C93096D-EB12-41F7-99C7-788510DDCA16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2DA52A33-9ABF-4702-8E7D-51914E832570}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3499169B-187B-4720-858B-1628E9A14F4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B040557-B785-4FB7-8C7E-AB6BA9CF2693}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aolsoftware.exe |
"{3EECCD2B-D29E-4610-93D4-D28794538073}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{425139EF-5DC2-47B7-922A-24A46C438803}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{4362E64A-4EE4-42D8-BAB6-0AB08D376ECC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{46D5019E-9819-4A7B-94B8-33EA99889D35}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4FA0306E-7608-450F-BD70-D0A915ABF43F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5446856F-942D-48F8-88AF-9C198D90EF78}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{54668BC8-7BAB-4D42-B749-441E2DF98E6E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{57199F80-F776-4B8E-A39D-EBE2D23F6A69}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{59143944-7E9F-4BCD-B864-1FD58E23F41F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A90A6A2-C7B9-4F84-A18E-2E37FB6DEE7B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{620EEC2E-9C7E-4C9E-98BD-57B26714D97C}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{650407DC-B7EC-45F3-A56F-5F758B8971DF}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aoldesktop.exe |
"{695ED9FF-A7A9-4ADA-B28A-8BC0F92F2F45}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aolsoftware.exe |
"{6D63D0FB-E6B9-41E7-B047-0F9027AD20FB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aolsoftware.exe |
"{73458370-C6A9-4BCF-B4ED-A5840166669C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{759E7FDE-A5A9-4428-B513-E8E849B9BD24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338483391\ee\aolsoftware.exe |
"{769F183C-4BB2-49D6-AA2D-9476ADAB6765}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77640942-6A2D-4227-AB05-A813DEDB5054}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C274235-E4C6-4688-B04A-2C510D10EDEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85535C40-BF2C-4009-81A4-C128903BF8F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85C00B46-3EB7-452A-8225-9EED631F6FF7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{89626932-2FA4-40A8-BFB2-1C764A6846FE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{8CA5EBA9-9EE7-47EB-9D09-C0A13E88E743}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{8D6E9782-5346-4A8C-8DA5-21D0663E1A58}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9FA4755D-EB3D-4357-8155-6233C753318C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A352796A-E9BA-43F8-9377-E2F13A5728A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B04D4801-B2E5-4ABF-83CA-B3A5BB947CF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{B06CDF73-A5CC-4D0D-9DF9-50C847C8BE5E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{B26DD4E2-F894-4631-9561-9B79B6A0D1F9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3D32799-05F4-4B50-81C2-7AEAF7133911}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aolsoftware.exe |
"{B481B72F-421A-482D-BBF1-8F790C75581A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{B8F2851B-3503-44DA-B11A-D4F92C480938}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{BA5C0A2E-EF59-4840-8EE6-0111ABA789A5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BEF2DDA0-BB5B-4F91-9D2D-95015BE38652}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C0403341-6AAC-459A-88E0-4077F1F91142}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C47BB0BF-58A4-4D84-A41C-05430961663C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4D9203D-0440-42E9-B0C6-A22596AED0B9}" = protocol=6 | dir=out | app=system |
"{C72603AC-67AF-46D3-AE79-DE9DE58225FB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aoldesktop.exe |
"{C88012E4-6485-4E36-949F-8A874D34C77E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{D0CF9A89-7BB6-46E8-8163-E4C0C5E2F517}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338484788\ee\aolsoftware.exe |
"{DEB16B2F-7FF1-47F4-912E-E0DDD53E20A8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aoldesktop.exe |
"{E596C4DB-2E3F-40FF-825D-0E8DB1902546}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{E60A1E9C-4AC1-41A2-8872-A131EC119346}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6119886-7CF4-4842-8BAD-B52F67DA4718}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04C6DE0-49C2-4AD0-9C03-04DEAEDADAD0}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{F5D55F43-4F2A-4509-8EDA-8A119317F4A6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{F648E09D-E250-47F6-9786-745625777ACE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F66CBDEF-7E8A-4E1D-8778-78E352E4309D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338484788\ee\aolsoftware.exe |
"{F6D9F956-B75F-424B-BAA2-28B559EAC131}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338483391\ee\aolsoftware.exe |
"{FE9DB386-5EF9-4E6B-98EA-6331D9D905B4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"TCP Query User{3480AC10-97A8-43D6-AF00-77CCD65F67EA}C:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe |
"TCP Query User{53E36F72-5139-4A8C-852E-51DA821A4E72}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{63FCAB22-8CAB-4D73-9C29-22BCFF7CD6A9}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6B7AA180-B2C9-470D-9795-F8B614ED7555}C:\users\waldi\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\temp\gw2.exe |
"TCP Query User{73983224-67A9-4FE2-8D5E-91B7B73218BB}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{7FACE469-EA59-43C7-B912-3E1BA4CCD0D0}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{93EE557F-2906-44D7-B6C4-57A511219500}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9D0A4A4C-7FD6-4B86-BC68-C23228A829D4}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{B71E0DE8-B1AF-487B-8EF6-8559A10FF973}C:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe" = protocol=6 | dir=in | app=c:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe |
"TCP Query User{B90313E8-F2AE-4216-ADAB-122FCDEAEDBE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{2614610D-6A9A-4116-A953-7CE2444641C6}C:\users\waldi\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\temp\gw2.exe |
"UDP Query User{26284702-B211-41D0-8286-1335A6299161}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{33290F62-72A8-410F-A130-730CE8E85F52}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{4C28C700-3095-420F-8D2E-06D7DDD6EF1E}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7214BF8C-F99F-4884-A3BB-C1961EDC39A7}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{79F0AB58-CB16-4E6A-97D1-3E83EE7D07B4}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{8908274A-E403-4CDC-93EA-4B4710EBB41B}C:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe |
"UDP Query User{8BFEBEA6-E4E0-4500-8975-F2CA26B897F3}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{C0454D1A-14B8-48C8-BA3A-F79E6B16B2BE}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DC43CE50-2E81-4C49-9975-29A8C84718BD}C:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe" = protocol=17 | dir=in | app=c:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON BX305 Series" = Druckerdeinstallation für EPSON BX305 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardwarediagnosetools
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Regclient" = AOL Registration
"AOL Toolbar" = AOL Toolbar for Internet Explorer
"AOL Toolbar for Firefox" = AOL Toolbar for Firefox
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Avira AntiVir Desktop" = Avira Free Antivirus
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON BX305 Series Network Guide" = EPSON BX305 Series Netzwerk-Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Europe MapleStory_is1" = Europe MapleStory
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"ViewpointMediaPlayer" = Viewpoint Media Player
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"3114a86aa00b92d7" = MMDoC-PDCLive Launcher
"Square Enix Secure Launcher" = Square Enix Secure Launcher
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2012 16:27:32 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x1b0c  Startzeit der fehlerhaften Anwendung: 0x01cd6f5a8dc624eb  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 279d3caf-db4e-11e1-82ca-00038a000015
 
Error - 01.08.2012 01:09:48 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0xb28  Startzeit der fehlerhaften Anwendung: 0x01cd6fa1d8c11f33  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 1d4024d3-db97-11e1-8f4d-00038a000015
 
Error - 01.08.2012 05:51:46 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x6a0  Startzeit der fehlerhaften Anwendung: 0x01cd6fcb0e3914fd  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 813f1540-dbbe-11e1-8f4d-00038a000015
 
Error - 01.08.2012 06:03:02 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x175c  Startzeit der fehlerhaften Anwendung: 0x01cd6fcc71ee32d7  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 1427de39-dbc0-11e1-8f4d-00038a000015
 
Error - 01.08.2012 12:56:38 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x1bc  Startzeit der fehlerhaften Anwendung: 0x01cd6fcceccd65bb  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 dbbb7421-dbf9-11e1-8f4d-00038a000015
 
Error - 01.08.2012 13:51:28 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x284  Startzeit der fehlerhaften Anwendung: 0x01cd700a0dc00632  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 84b1dbc1-dc01-11e1-8f4d-00038a000015
 
Error - 01.08.2012 14:18:32 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x17c8  Startzeit der fehlerhaften Anwendung: 0x01cd700e47b050c9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 4c9fc1eb-dc05-11e1-8f4d-00038a000015
 
Error - 02.08.2012 02:56:09 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x128c  Startzeit der fehlerhaften Anwendung: 0x01cd7074d736c204  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 23285980-dc6f-11e1-8bc5-00038a000015
 
Error - 02.08.2012 10:58:11 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0xb5c  Startzeit der fehlerhaften Anwendung: 0x01cd707d35b1bb7c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 7a2626c9-dcb2-11e1-8bc5-00038a000015
 
Error - 04.08.2012 14:49:36 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: _isDB69.exe, Version: 12.0.0.58855,
 Zeitstempel: 0x46d48420  Name des fehlerhaften Moduls: ISSetup.dll, Version: 12.0.0.58855,
 Zeitstempel: 0x46eef1f1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00096f3b  ID des fehlerhaften
 Prozesses: 0x1144  Startzeit der fehlerhaften Anwendung: 0x01cd7271debf7f81  Pfad der
 fehlerhaften Anwendung: C:\Users\Waldi\AppData\Local\Temp\_isDB69.exe  Pfad des fehlerhaften
 Moduls: C:\Users\Waldi\AppData\Local\Temp\{456BEB15-0241-454B-8688-9B90AB92BE8C}\ISSetup.dll
Berichtskennung:
 2302244a-de65-11e1-88eb-00038a000015
 
[ Media Center Events ]
Error - 28.07.2012 10:57:56 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:57:56 - Fehler beim Herstellen der Internetverbindung.  16:57:56
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 10:58:26 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:58:25 - Fehler beim Herstellen der Internetverbindung.  16:58:25
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 11:58:57 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 17:58:57 - Fehler beim Herstellen der Internetverbindung.  17:58:57
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 11:59:27 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 17:59:27 - Fehler beim Herstellen der Internetverbindung.  17:59:27
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 12:59:58 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 18:59:58 - Fehler beim Herstellen der Internetverbindung.  18:59:58
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 13:00:28 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 19:00:28 - Fehler beim Herstellen der Internetverbindung.  19:00:28
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 29.07.2012 10:19:26 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:19:26 - Fehler beim Herstellen der Internetverbindung.  16:19:26
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 29.07.2012 10:19:58 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:19:55 - Fehler beim Herstellen der Internetverbindung.  16:19:55
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 31.07.2012 10:11:41 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:11:41 - Fehler beim Herstellen der Internetverbindung.  16:11:41
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 31.07.2012 10:11:54 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:11:46 - Fehler beim Herstellen der Internetverbindung.  16:11:46
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 02.08.2012 01:20:10 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 02.08.2012 01:20:10 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 19.08.2012 13:10:40 | Computer Name = Waldi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?08.?2012 um 05:22:59 unerwartet heruntergefahren.
 
Error - 22.08.2012 00:40:44 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 22.08.2012 00:40:44 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 22.08.2012 09:45:20 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 22.08.2012 09:45:20 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 24.08.2012 09:26:47 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
Error - 24.08.2012 09:27:19 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 24.08.2012 09:27:19 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
 
< End of report >

Code:
OTL logfile created on: 29.08.2012 20:11:42 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Waldi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,25 Gb Available Physical Memory | 54,27% Memory free
11,98 Gb Paging File | 8,63 Gb Available in Paging File | 72,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 848,06 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,68% Space Free | Partition Type: NTFS
Drive E: | 281,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WALDI-PC | User Name: Waldi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Waldi\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.94\deploy\LoLLauncher.exe ()
PRC - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe ()
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.0.196\deploy\LolClient.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Common Files\AOL\1338486948\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files (x86)\Common Files\AOL\1338486948\ee\AOLDesktop.exe (AOL LLC)
PRC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.94\deploy\LoLLauncher.exe ()
MOD - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (wanatw) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Programme\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKLM\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=tb50aoldesktopie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKLM\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - No CLSID value found
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes,DefaultScope = {BAF60B34-BC2D-4D38-BF52-8D31949C6020}
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=tb50aoldesktopie7
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE485
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{7CC9E4CC-8D7D-4FC5-A0B8-3C2B3C11CD4B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_ptnrs=%5EABT&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@coreonline.com/run3d,version=1.0: C:\Users\Waldi\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Waldi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.23 20:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.28 15:02:53 | 000,000,000 | ---D | M]
 
[2012.05.23 20:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Waldi\AppData\Roaming\mozilla\Extensions
[2012.08.23 22:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions
[2012.07.14 17:08:02 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2012.08.23 22:51:02 | 000,000,000 | ---D | M] (OnRPG Community Toolbar) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
[2012.07.30 18:36:50 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\toolbar@ask.com
[2012.07.30 18:36:50 | 000,002,344 | ---- | M] () -- C:\Users\Waldi\AppData\Roaming\Mozilla\Firefox\Profiles\2u0kr2g5.default\searchplugins\askcom.xml
[2012.07.28 15:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://google.de/
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_ptnrs=%5EABT&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: hxxp://google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Waldi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - Extension: Avira Toolbar = C:\Users\Waldi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O3:64bit: - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1338486948\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [Akamai NetSession Interface] "C:\Users\Waldi\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [EPSON BX305 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Windows\TEMP\E_S8761.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Waldi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop.lnk = C:\Program Files (x86)\Common Files\AOL\Launch\aollaunch.exe (AOL LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EDAC4DA-541E-46A4-9A80-1D4ED613F74C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.18 19:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2010.01.18 07:03:00 | 000,129,000 | R--- | M] (Seiko Epson Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.29 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Malwarebytes
[2012.08.29 18:43:04 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.27 17:58:28 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\BSP
[2012.08.27 17:58:20 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Square Enix
[2012.08.26 12:10:51 | 000,000,000 | ---D | C] -- C:\escan
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2012.08.26 11:45:20 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2012.08.26 11:45:19 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2012.08.26 11:45:18 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2012.08.26 11:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2012.08.26 11:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2012.08.19 22:58:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.19 22:58:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.19 22:58:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.19 22:58:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.19 22:58:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.19 22:58:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.19 22:58:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.19 22:58:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.19 22:58:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.19 22:58:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.19 22:58:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.19 22:58:50 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.19 22:58:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.19 20:07:36 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Ubisoft
[2012.08.19 19:54:51 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012.08.19 19:54:42 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.08.19 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Apps
[2012.08.19 19:54:14 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Deployment
[2012.08.19 19:22:34 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.19 19:22:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.19 19:22:05 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.19 19:22:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.19 19:21:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.19 19:21:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.19 19:21:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.19 19:21:40 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.04 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2012.08.04 20:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012.08.04 20:48:50 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Epson
[2012.08.04 20:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2012.08.04 20:48:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2012.08.04 20:48:15 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\InstallShield
[2012.08.04 20:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2012.08.04 20:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EPSON
[2012.08.04 20:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpsonNet
[2012.08.04 20:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012.08.04 20:45:34 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012.08.04 20:45:24 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGJE.DLL
[2012.08.04 20:45:21 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGJE.DLL
[2012.08.04 20:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012.08.04 20:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012.08.04 20:45:02 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2012.08.04 20:45:02 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2012.08.04 20:45:02 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll
[2012.08.04 20:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2012.08.02 20:14:36 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\LolClient
[2012.07.31 07:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.07.31 07:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.07.31 07:46:08 | 000,000,000 | ---D | C] -- C:\Users\Waldi\Documents\Guild Wars 2
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.29 20:00:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.29 19:26:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.29 18:43:04 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.29 17:00:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.29 15:35:38 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 15:35:38 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 15:27:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.29 15:27:33 | 529,854,463 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.27 22:11:06 | 000,044,568 | ---- | M] () -- C:\Users\Waldi\Documents\pinfect.zip
[2012.08.27 12:23:13 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2012.08.26 11:45:19 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2012.08.26 11:45:18 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2012.08.26 11:45:17 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2012.08.22 07:01:05 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.20 11:23:14 | 000,328,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.19 20:26:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.19 20:26:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.19 19:54:42 | 000,000,346 | ---- | M] () -- C:\Users\Waldi\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012.08.04 23:18:09 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.04 23:18:09 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.04 23:18:09 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.04 23:18:09 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.04 23:18:09 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.04 20:51:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2012.08.04 20:49:55 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2012.08.04 20:46:11 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\EPSON BX305 Series Netzwerk-Handbuch.lnk
[2012.08.04 20:46:01 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\EPSON BX305 Series Handbuch.lnk
[2012.08.04 20:45:03 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012.07.31 12:08:26 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012.07.31 07:46:52 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.29 18:43:04 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.27 22:11:06 | 000,044,568 | ---- | C] () -- C:\Users\Waldi\Documents\pinfect.zip
[2012.08.26 11:45:28 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2012.08.19 19:54:42 | 000,000,346 | ---- | C] () -- C:\Users\Waldi\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012.08.04 20:51:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2012.08.04 20:49:48 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2012.08.04 20:46:11 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\EPSON BX305 Series Netzwerk-Handbuch.lnk
[2012.08.04 20:46:01 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\EPSON BX305 Series Handbuch.lnk
[2012.08.04 20:45:03 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012.07.31 07:46:52 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.07.28 16:01:29 | 000,007,605 | ---- | C] () -- C:\Users\Waldi\AppData\Local\Resmon.ResmonCfg
[2012.07.21 14:34:04 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\comcnt.sys
[2012.07.15 12:48:09 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.14 15:31:28 | 000,113,452 | ---- | C] () -- C:\Users\Waldi\AppData\Roaming\win
[2012.05.31 19:03:19 | 000,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2012.05.31 16:38:54 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
 
========== LOP Check ==========
 
[2012.06.01 09:30:08 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\acccore
[2012.08.04 20:48:50 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Epson
[2012.08.02 20:14:36 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\LolClient
[2012.05.29 13:54:32 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\LolClient2
[2012.05.24 16:42:51 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\SGTY
[2012.07.28 15:03:42 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Splitscreen Studios
[2012.07.30 15:59:43 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Unity
[2012.07.31 12:08:26 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012.07.19 18:25:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Kedoka 29.08.2012 19:29
Code:
OTL Extras logfile created on: 29.08.2012 20:11:42 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Waldi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,25 Gb Available Physical Memory | 54,27% Memory free
11,98 Gb Paging File | 8,63 Gb Available in Paging File | 72,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 848,06 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,68% Space Free | Partition Type: NTFS
Drive E: | 281,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WALDI-PC | User Name: Waldi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C7899F0-C1F3-4F35-89D4-C4EA8784DA19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FD92A6C-7F84-484B-B33A-0146D1B3EC8B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20918FF3-E241-4039-8F1A-443A785637FD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{23079347-62D8-419E-860D-BC1259CE1371}" = lport=137 | protocol=17 | dir=in | app=system |
"{29EE33D1-9845-406D-9325-0D085257BBA1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54100E21-7C40-4490-A751-EB28BE2314B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{57867DDF-9C4A-440B-8E7B-061A597F6B0A}" = lport=139 | protocol=6 | dir=in | app=system |
"{5872B1C2-6A85-48A4-8A2F-BE976CF476D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{619C0959-B615-4FEF-98AF-91251FA4BBF2}" = lport=445 | protocol=6 | dir=in | app=system |
"{8186AB24-5B0E-4A56-A2A7-35E08D4627F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8900B1BE-9FCB-45B2-BB10-2854F510DF74}" = rport=137 | protocol=17 | dir=out | app=system |
"{96FAFA81-FE02-4A95-B707-7C87CC0878A6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9913FF2F-4699-48E7-8F33-9C49A04E2B17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9C940A2-A266-497B-8E28-E6735DDC54DE}" = lport=138 | protocol=17 | dir=in | app=system |
"{AB6EB448-2C5E-4AD3-A58B-2880C3DFF9AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE6A72BD-6633-4616-B5CE-19B8D3E80971}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DAA5F8CB-E8FF-481A-B9A9-5FD425A2B471}" = rport=445 | protocol=6 | dir=out | app=system |
"{E2A70828-9EC5-4ABF-BE88-41FE36A418BC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E31AFB55-8EF5-4DE8-9829-A778598DC90D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EA4EB0F3-2A6D-46AA-A90A-2A3F29B7ECE9}" = rport=139 | protocol=6 | dir=out | app=system |
"{EACDEF34-0ED9-4394-8222-E244D78CE519}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE1FC19B-7268-4F2B-8394-C7DD9DD52BE6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAD16C6B-1FE0-42A2-BC8F-7B8374BF3CEA}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0453E9F5-E577-4D24-99E9-EE0E023C5DCC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{118AA3C8-29EB-4F64-B600-9EBD839C49D9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{12725068-BBCA-4E80-A4E6-7BEC685B589D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{12FE4E93-E8DC-46EF-A244-B4296B842C06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{1DCB5CE3-E439-4A99-8349-30D72E7529FC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{1E4A08AB-62C8-4C20-BACB-B53B9561F258}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{230E2914-EA6A-448F-9ECB-2A2311C4CA5C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{23B83A72-5DC7-4A45-A5C1-E785501991FD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2618DF3F-950C-4ADA-ABA1-1E4006F51FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aoldesktop.exe |
"{26FBAAC4-5243-409C-A0B4-98E0129FE1C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28207723-8FA8-46BD-A3E8-49C6AA6F460D}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{2C93096D-EB12-41F7-99C7-788510DDCA16}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2DA52A33-9ABF-4702-8E7D-51914E832570}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3499169B-187B-4720-858B-1628E9A14F4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B040557-B785-4FB7-8C7E-AB6BA9CF2693}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aolsoftware.exe |
"{3EECCD2B-D29E-4610-93D4-D28794538073}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{425139EF-5DC2-47B7-922A-24A46C438803}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{4362E64A-4EE4-42D8-BAB6-0AB08D376ECC}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{46D5019E-9819-4A7B-94B8-33EA99889D35}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4FA0306E-7608-450F-BD70-D0A915ABF43F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5446856F-942D-48F8-88AF-9C198D90EF78}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{54668BC8-7BAB-4D42-B749-441E2DF98E6E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{57199F80-F776-4B8E-A39D-EBE2D23F6A69}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{59143944-7E9F-4BCD-B864-1FD58E23F41F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5A90A6A2-C7B9-4F84-A18E-2E37FB6DEE7B}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{620EEC2E-9C7E-4C9E-98BD-57B26714D97C}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{650407DC-B7EC-45F3-A56F-5F758B8971DF}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aoldesktop.exe |
"{695ED9FF-A7A9-4ADA-B28A-8BC0F92F2F45}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aolsoftware.exe |
"{6D63D0FB-E6B9-41E7-B047-0F9027AD20FB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aolsoftware.exe |
"{73458370-C6A9-4BCF-B4ED-A5840166669C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{759E7FDE-A5A9-4428-B513-E8E849B9BD24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338483391\ee\aolsoftware.exe |
"{769F183C-4BB2-49D6-AA2D-9476ADAB6765}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77640942-6A2D-4227-AB05-A813DEDB5054}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C274235-E4C6-4688-B04A-2C510D10EDEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{85535C40-BF2C-4009-81A4-C128903BF8F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85C00B46-3EB7-452A-8225-9EED631F6FF7}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{89626932-2FA4-40A8-BFB2-1C764A6846FE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{8CA5EBA9-9EE7-47EB-9D09-C0A13E88E743}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{8D6E9782-5346-4A8C-8DA5-21D0663E1A58}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9FA4755D-EB3D-4357-8155-6233C753318C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A352796A-E9BA-43F8-9377-E2F13A5728A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B04D4801-B2E5-4ABF-83CA-B3A5BB947CF2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{B06CDF73-A5CC-4D0D-9DF9-50C847C8BE5E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{B26DD4E2-F894-4631-9561-9B79B6A0D1F9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3D32799-05F4-4B50-81C2-7AEAF7133911}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aolsoftware.exe |
"{B481B72F-421A-482D-BBF1-8F790C75581A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{B8F2851B-3503-44DA-B11A-D4F92C480938}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{BA5C0A2E-EF59-4840-8EE6-0111ABA789A5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BEF2DDA0-BB5B-4F91-9D2D-95015BE38652}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C0403341-6AAC-459A-88E0-4077F1F91142}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C47BB0BF-58A4-4D84-A41C-05430961663C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C4D9203D-0440-42E9-B0C6-A22596AED0B9}" = protocol=6 | dir=out | app=system |
"{C72603AC-67AF-46D3-AE79-DE9DE58225FB}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338477011\ee\aoldesktop.exe |
"{C88012E4-6485-4E36-949F-8A874D34C77E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{D0CF9A89-7BB6-46E8-8163-E4C0C5E2F517}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1338484788\ee\aolsoftware.exe |
"{DEB16B2F-7FF1-47F4-912E-E0DDD53E20A8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338486948\ee\aoldesktop.exe |
"{E596C4DB-2E3F-40FF-825D-0E8DB1902546}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{E60A1E9C-4AC1-41A2-8872-A131EC119346}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6119886-7CF4-4842-8BAD-B52F67DA4718}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F04C6DE0-49C2-4AD0-9C03-04DEAEDADAD0}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{F5D55F43-4F2A-4509-8EDA-8A119317F4A6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{F648E09D-E250-47F6-9786-745625777ACE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F66CBDEF-7E8A-4E1D-8778-78E352E4309D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338484788\ee\aolsoftware.exe |
"{F6D9F956-B75F-424B-BAA2-28B559EAC131}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1338483391\ee\aolsoftware.exe |
"{FE9DB386-5EF9-4E6B-98EA-6331D9D905B4}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"TCP Query User{3480AC10-97A8-43D6-AF00-77CCD65F67EA}C:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe |
"TCP Query User{53E36F72-5139-4A8C-852E-51DA821A4E72}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{63FCAB22-8CAB-4D73-9C29-22BCFF7CD6A9}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6B7AA180-B2C9-470D-9795-F8B614ED7555}C:\users\waldi\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\temp\gw2.exe |
"TCP Query User{73983224-67A9-4FE2-8D5E-91B7B73218BB}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{7FACE469-EA59-43C7-B912-3E1BA4CCD0D0}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"TCP Query User{93EE557F-2906-44D7-B6C4-57A511219500}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9D0A4A4C-7FD6-4B86-BC68-C23228A829D4}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{B71E0DE8-B1AF-487B-8EF6-8559A10FF973}C:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe" = protocol=6 | dir=in | app=c:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe |
"TCP Query User{B90313E8-F2AE-4216-ADAB-122FCDEAEDBE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{2614610D-6A9A-4116-A953-7CE2444641C6}C:\users\waldi\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\temp\gw2.exe |
"UDP Query User{26284702-B211-41D0-8286-1335A6299161}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{33290F62-72A8-410F-A130-730CE8E85F52}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{4C28C700-3095-420F-8D2E-06D7DDD6EF1E}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7214BF8C-F99F-4884-A3BB-C1961EDC39A7}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{79F0AB58-CB16-4E6A-97D1-3E83EE7D07B4}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{8908274A-E403-4CDC-93EA-4B4710EBB41B}C:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\apps\2.0\rn08z2q9.ca8\hpe4xc9k.02w\laun...app_0000000000000000_0001.0000_44933472db191453\launcher.exe |
"UDP Query User{8BFEBEA6-E4E0-4500-8975-F2CA26B897F3}C:\program files (x86)\pando networks\media booster\pmb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"UDP Query User{C0454D1A-14B8-48C8-BA3A-F79E6B16B2BE}C:\users\waldi\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\waldi\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DC43CE50-2E81-4C49-9975-29A8C84718BD}C:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe" = protocol=17 | dir=in | app=c:\ubisoft\might & magic - duel of champions\mmdoc-pdclive\game.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON BX305 Series" = Druckerdeinstallation für EPSON BX305 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardwarediagnosetools
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}" = Epson Easy Photo Print 2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite Closed Beta
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C9D8A041-2963-4B31-8FFC-1500F3DB9293}" = EpsonNet Setup 3.3
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Regclient" = AOL Registration
"AOL Toolbar" = AOL Toolbar for Internet Explorer
"AOL Toolbar for Firefox" = AOL Toolbar for Firefox
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Avira AntiVir Desktop" = Avira Free Antivirus
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON BX305 Series Network Guide" = EPSON BX305 Series Netzwerk-Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Europe MapleStory_is1" = Europe MapleStory
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"ViewpointMediaPlayer" = Viewpoint Media Player
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"3114a86aa00b92d7" = MMDoC-PDCLive Launcher
"Square Enix Secure Launcher" = Square Enix Secure Launcher
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.07.2012 16:27:32 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x1b0c  Startzeit der fehlerhaften Anwendung: 0x01cd6f5a8dc624eb  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 279d3caf-db4e-11e1-82ca-00038a000015
 
Error - 01.08.2012 01:09:48 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0xb28  Startzeit der fehlerhaften Anwendung: 0x01cd6fa1d8c11f33  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 1d4024d3-db97-11e1-8f4d-00038a000015
 
Error - 01.08.2012 05:51:46 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x6a0  Startzeit der fehlerhaften Anwendung: 0x01cd6fcb0e3914fd  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 813f1540-dbbe-11e1-8f4d-00038a000015
 
Error - 01.08.2012 06:03:02 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x175c  Startzeit der fehlerhaften Anwendung: 0x01cd6fcc71ee32d7  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 1427de39-dbc0-11e1-8f4d-00038a000015
 
Error - 01.08.2012 12:56:38 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x1bc  Startzeit der fehlerhaften Anwendung: 0x01cd6fcceccd65bb  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 dbbb7421-dbf9-11e1-8f4d-00038a000015
 
Error - 01.08.2012 13:51:28 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x284  Startzeit der fehlerhaften Anwendung: 0x01cd700a0dc00632  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 84b1dbc1-dc01-11e1-8f4d-00038a000015
 
Error - 01.08.2012 14:18:32 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x17c8  Startzeit der fehlerhaften Anwendung: 0x01cd700e47b050c9  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 4c9fc1eb-dc05-11e1-8f4d-00038a000015
 
Error - 02.08.2012 02:56:09 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0x128c  Startzeit der fehlerhaften Anwendung: 0x01cd7074d736c204  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 23285980-dc6f-11e1-8bc5-00038a000015
 
Error - 02.08.2012 10:58:11 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Name des fehlerhaften Moduls: MapleStory.exe, Version: 1.0.0.17,
 Zeitstempel: 0x4ff10992  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006d3d2b  ID des fehlerhaften
 Prozesses: 0xb5c  Startzeit der fehlerhaften Anwendung: 0x01cd707d35b1bb7c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
Berichtskennung:
 7a2626c9-dcb2-11e1-8bc5-00038a000015
 
Error - 04.08.2012 14:49:36 | Computer Name = Waldi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: _isDB69.exe, Version: 12.0.0.58855,
 Zeitstempel: 0x46d48420  Name des fehlerhaften Moduls: ISSetup.dll, Version: 12.0.0.58855,
 Zeitstempel: 0x46eef1f1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00096f3b  ID des fehlerhaften
 Prozesses: 0x1144  Startzeit der fehlerhaften Anwendung: 0x01cd7271debf7f81  Pfad der
 fehlerhaften Anwendung: C:\Users\Waldi\AppData\Local\Temp\_isDB69.exe  Pfad des fehlerhaften
 Moduls: C:\Users\Waldi\AppData\Local\Temp\{456BEB15-0241-454B-8688-9B90AB92BE8C}\ISSetup.dll
Berichtskennung:
 2302244a-de65-11e1-88eb-00038a000015
 
[ Media Center Events ]
Error - 28.07.2012 10:57:56 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:57:56 - Fehler beim Herstellen der Internetverbindung.  16:57:56
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 10:58:26 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:58:25 - Fehler beim Herstellen der Internetverbindung.  16:58:25
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 11:58:57 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 17:58:57 - Fehler beim Herstellen der Internetverbindung.  17:58:57
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 11:59:27 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 17:59:27 - Fehler beim Herstellen der Internetverbindung.  17:59:27
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 12:59:58 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 18:59:58 - Fehler beim Herstellen der Internetverbindung.  18:59:58
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 28.07.2012 13:00:28 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 19:00:28 - Fehler beim Herstellen der Internetverbindung.  19:00:28
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 29.07.2012 10:19:26 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:19:26 - Fehler beim Herstellen der Internetverbindung.  16:19:26
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 29.07.2012 10:19:58 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:19:55 - Fehler beim Herstellen der Internetverbindung.  16:19:55
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 31.07.2012 10:11:41 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:11:41 - Fehler beim Herstellen der Internetverbindung.  16:11:41
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 31.07.2012 10:11:54 | Computer Name = Waldi-PC | Source = MCUpdate | ID = 0
Description = 16:11:46 - Fehler beim Herstellen der Internetverbindung.  16:11:46
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 02.08.2012 01:20:10 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 02.08.2012 01:20:10 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 19.08.2012 13:10:40 | Computer Name = Waldi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?05.?08.?2012 um 05:22:59 unerwartet heruntergefahren.
 
Error - 22.08.2012 00:40:44 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 22.08.2012 00:40:44 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 22.08.2012 09:45:20 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 22.08.2012 09:45:20 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 24.08.2012 09:26:47 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Hi-Rez Studios Authenticate and Update Service erreicht.
 
Error - 24.08.2012 09:27:19 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 24.08.2012 09:27:19 | Computer Name = Waldi-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
 
< End of report >

Code:
OTL logfile created on: 29.08.2012 20:11:42 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Waldi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,25 Gb Available Physical Memory | 54,27% Memory free
11,98 Gb Paging File | 8,63 Gb Available in Paging File | 72,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 848,06 Gb Free Space | 92,06% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,68% Space Free | Partition Type: NTFS
Drive E: | 281,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: WALDI-PC | User Name: Waldi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Waldi\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.94\deploy\LoLLauncher.exe ()
PRC - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe ()
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Riot Games\League of Legends\rads\projects\lol_air_client\releases\0.0.0.196\deploy\LolClient.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Common Files\AOL\1338486948\ee\aolsoftware.exe (AOL LLC)
PRC - C:\Program Files (x86)\Common Files\AOL\1338486948\ee\AOLDesktop.exe (AOL LLC)
PRC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avformat-54.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Riot Games\League of Legends\rads\projects\lol_launcher\releases\0.0.0.94\deploy\LoLLauncher.exe ()
MOD - C:\Riot Games\League of Legends\rads\system\rads_user_kernel.exe ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (wanatw) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Programme\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKLM\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=tb50aoldesktopie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKLM\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - No CLSID value found
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes,DefaultScope = {BAF60B34-BC2D-4D38-BF52-8D31949C6020}
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=tb50aoldesktopie7
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE485
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{7CC9E4CC-8D7D-4FC5-A0B8-3C2B3C11CD4B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_ptnrs=%5EABT&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@coreonline.com/run3d,version=1.0: C:\Users\Waldi\AppData\LocalLow\Square Enix\nprun3d.dll (Square Enix)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Waldi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.23 20:26:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.28 15:02:53 | 000,000,000 | ---D | M]
 
[2012.05.23 20:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Waldi\AppData\Roaming\mozilla\Extensions
[2012.08.23 22:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions
[2012.07.14 17:08:02 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2012.08.23 22:51:02 | 000,000,000 | ---D | M] (OnRPG Community Toolbar) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
[2012.07.30 18:36:50 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Waldi\AppData\Roaming\mozilla\Firefox\Profiles\2u0kr2g5.default\extensions\toolbar@ask.com
[2012.07.30 18:36:50 | 000,002,344 | ---- | M] () -- C:\Users\Waldi\AppData\Roaming\Mozilla\Firefox\Profiles\2u0kr2g5.default\searchplugins\askcom.xml
[2012.07.28 15:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://google.de/
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_ptnrs=%5EABT&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: hxxp://google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Waldi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - Extension: Avira Toolbar = C:\Users\Waldi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.24169_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O3:64bit: - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1338486948\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [Akamai NetSession Interface] "C:\Users\Waldi\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [EPSON BX305 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Windows\TEMP\E_S8761.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3062770422-598456700-373322868-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Waldi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop.lnk = C:\Program Files (x86)\Common Files\AOL\Launch\aollaunch.exe (AOL LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EDAC4DA-541E-46A4-9A80-1D4ED613F74C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.18 19:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2010.01.18 07:03:00 | 000,129,000 | R--- | M] (Seiko Epson Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.29 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Malwarebytes
[2012.08.29 18:43:04 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.29 18:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.27 17:58:28 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\BSP
[2012.08.27 17:58:20 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Square Enix
[2012.08.26 12:10:51 | 000,000,000 | ---D | C] -- C:\escan
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2012.08.26 11:58:10 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2012.08.26 11:45:20 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2012.08.26 11:45:19 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2012.08.26 11:45:18 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2012.08.26 11:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld
[2012.08.26 11:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2012.08.19 22:58:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.19 22:58:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.19 22:58:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.19 22:58:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.19 22:58:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.19 22:58:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.19 22:58:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.19 22:58:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.19 22:58:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.19 22:58:51 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.19 22:58:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.19 22:58:50 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.19 22:58:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.19 20:07:36 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Ubisoft
[2012.08.19 19:54:51 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012.08.19 19:54:42 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012.08.19 19:54:15 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Apps
[2012.08.19 19:54:14 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Local\Deployment
[2012.08.19 19:22:34 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.19 19:22:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.19 19:22:05 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.19 19:22:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.19 19:21:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.19 19:21:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.19 19:21:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.19 19:21:40 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.04 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2012.08.04 20:49:54 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012.08.04 20:48:50 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\Epson
[2012.08.04 20:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2012.08.04 20:48:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software
[2012.08.04 20:48:15 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\InstallShield
[2012.08.04 20:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2012.08.04 20:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EPSON
[2012.08.04 20:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpsonNet
[2012.08.04 20:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012.08.04 20:45:34 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012.08.04 20:45:24 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGJE.DLL
[2012.08.04 20:45:21 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGJE.DLL
[2012.08.04 20:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012.08.04 20:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012.08.04 20:45:02 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2012.08.04 20:45:02 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2012.08.04 20:45:02 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll
[2012.08.04 20:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2012.08.02 20:14:36 | 000,000,000 | ---D | C] -- C:\Users\Waldi\AppData\Roaming\LolClient
[2012.07.31 07:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.07.31 07:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.07.31 07:46:08 | 000,000,000 | ---D | C] -- C:\Users\Waldi\Documents\Guild Wars 2
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.29 20:00:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.29 19:26:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.29 18:43:04 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.29 17:00:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.29 15:35:38 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 15:35:38 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 15:27:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.29 15:27:33 | 529,854,463 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.27 22:11:06 | 000,044,568 | ---- | M] () -- C:\Users\Waldi\Documents\pinfect.zip
[2012.08.27 12:23:13 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2012.08.26 11:45:19 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll
[2012.08.26 11:45:18 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll
[2012.08.26 11:45:17 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe
[2012.08.22 07:01:05 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.20 11:23:14 | 000,328,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.19 20:26:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.19 20:26:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.19 19:54:42 | 000,000,346 | ---- | M] () -- C:\Users\Waldi\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012.08.04 23:18:09 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.04 23:18:09 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.04 23:18:09 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.04 23:18:09 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.04 23:18:09 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.04 20:51:07 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2012.08.04 20:49:55 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2012.08.04 20:46:11 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\EPSON BX305 Series Netzwerk-Handbuch.lnk
[2012.08.04 20:46:01 | 000,002,253 | ---- | M] () -- C:\Users\Public\Desktop\EPSON BX305 Series Handbuch.lnk
[2012.08.04 20:45:03 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012.07.31 12:08:26 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012.07.31 07:46:52 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.29 18:43:04 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.27 22:11:06 | 000,044,568 | ---- | C] () -- C:\Users\Waldi\Documents\pinfect.zip
[2012.08.26 11:45:28 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2012.08.19 19:54:42 | 000,000,346 | ---- | C] () -- C:\Users\Waldi\Desktop\MMDoC-PDCLive Launcher.appref-ms
[2012.08.04 20:51:07 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2012.08.04 20:49:48 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2012.08.04 20:46:11 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\EPSON BX305 Series Netzwerk-Handbuch.lnk
[2012.08.04 20:46:01 | 000,002,253 | ---- | C] () -- C:\Users\Public\Desktop\EPSON BX305 Series Handbuch.lnk
[2012.08.04 20:45:03 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2012.07.31 07:46:52 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.07.28 16:01:29 | 000,007,605 | ---- | C] () -- C:\Users\Waldi\AppData\Local\Resmon.ResmonCfg
[2012.07.21 14:34:04 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\comcnt.sys
[2012.07.15 12:48:09 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.14 15:31:28 | 000,113,452 | ---- | C] () -- C:\Users\Waldi\AppData\Roaming\win
[2012.05.31 19:03:19 | 000,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2012.05.31 16:38:54 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
 
========== LOP Check ==========
 
[2012.06.01 09:30:08 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\acccore
[2012.08.04 20:48:50 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Epson
[2012.08.02 20:14:36 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\LolClient
[2012.05.29 13:54:32 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\LolClient2
[2012.05.24 16:42:51 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\SGTY
[2012.07.28 15:03:42 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Splitscreen Studios
[2012.07.30 15:59:43 | 000,000,000 | ---D | M] -- C:\Users\Waldi\AppData\Roaming\Unity
[2012.07.31 12:08:26 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012.07.19 18:25:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Code:
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        19.08.2012        6,00MB        11.3.300.271
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        19.08.2012        6,00MB        11.3.300.271
AOL Mail and AIM Gadget        AOL LLC        31.05.2012        567KB        1.0.0
AOL Registration                31.05.2012               
AOL Toolbar for Firefox        AOL LLC        31.05.2012                5.13.6.2
AOL Toolbar for Internet Explorer        AOL LLC        31.05.2012                5.13.4.1
AOL Uninstaller (Choose which Products to Remove)        AOL LLC        31.05.2012               
Apple Application Support        Apple Inc.        29.06.2012        61,0MB        2.1.9
Apple Mobile Device Support        Apple Inc.        29.06.2012        24,9MB        5.2.0.6
Apple Software Update        Apple Inc.        29.06.2012        2,38MB        2.1.3.127
Avira Free Antivirus        Avira        30.07.2012        111MB        12.0.0.1167
Avira SearchFree Toolbar plus Web Protection        Ask.com        30.07.2012        4,67MB        1.15.4.0
Avira SearchFree Toolbar plus Web Protection Updater        Ask.com        30.07.2012                1.3.0.23930
Bonjour        Apple Inc.        29.06.2012        2,00MB        3.0.0.10
CCleaner        Piriform        22.08.2012                3.22
Compatibility Pack für 2007 Office System        Microsoft Corporation        23.05.2012        55,1MB        12.0.4518.1014
CyberLink DVD Suite Deluxe        CyberLink Corp.        22.09.2009        16,4MB        6.0.3101
Druckerdeinstallation für EPSON BX305 Series        SEIKO EPSON Corporation        04.08.2012               
EPSON BX305 Series Handbuch                04.08.2012               
EPSON BX305 Series Netzwerk-Handbuch                04.08.2012               
Epson Easy Photo Print 2        SEIKO EPSON CORPORATION        04.08.2012                2.2.0.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)        SEIKO EPSON CORPORATION        04.08.2012                1.00.0000
Epson FAX Utility        SEIKO EPSON CORPORATION        04.08.2012                1.10.00
Epson PC-FAX Driver                04.08.2012               
EPSON Scan        Seiko Epson Corporation        04.08.2012               
EpsonNet Setup 3.3        SEIKO EPSON CORPORATION        04.08.2012                3.3a
Europe MapleStory        Nexon        15.07.2012               
Google Chrome        Google Inc.        28.05.2012                21.0.1180.83
Google Toolbar for Internet Explorer        Google Inc.        21.08.2012                7.4.3203.136
Guild Wars 2        NCsoft Corporation, Ltd.        31.07.2012               
Hardwarediagnosetools        PC-Doctor, Inc.        24.05.2012                6.0.5205.31
Hi-Rez Studios Authenticate and Update Service        Hi-Rez Studios        16.06.2012                3.0.0.0
HP Customer Experience Enhancements        Hewlett-Packard        22.09.2009                5.7.0.3036
HP MediaSmart DVD        Hewlett-Packard        22.09.2009        101MB        3.0.3123
HP MediaSmart Movie Themes        Hewlett-Packard        22.09.2009        399MB        3.0.3102
HP MediaSmart Music/Photo/Video        Hewlett-Packard        22.09.2009        401MB        3.0.3205
HP MediaSmart SmartMenu        Hewlett-Packard        22.09.2009        1,85MB        3.0.28.2
HP Odometer        Hewlett-Packard        22.09.2009        48,0KB        2.10.0000
HP Remote Solution        TopSeed        22.09.2009                1.1.9.0
HP Setup        Hewlett-Packard        22.09.2009                1.2.3220.3079
HP Support Information        Hewlett-Packard        22.09.2009        160KB        10.1.0002
HP Update        Hewlett-Packard        22.09.2009        2,96MB        5.001.000.014
Intel® Matrix Storage Manager        Intel Corporation        23.05.2012               
iTunes        Apple Inc.        29.06.2012        184MB        10.6.3.25
Java(TM) 7 Update 5        Oracle        04.07.2012        99,3MB        7.0.50
JavaFX 2.1.1        Oracle Corporation        04.07.2012        20,8MB        2.1.1
LabelPrint        CyberLink Corp.        22.09.2009        230MB        2.5.1901
League of Legends        Riot Games        29.05.2012                1.02.0000
LightScribe System Software        LightScribe        22.09.2009        22,4MB        1.18.5.1
Malwarebytes Anti-Malware Version 1.62.0.1300        Malwarebytes Corporation        29.08.2012        18,7MB        1.62.0.1300
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        25.05.2012        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        25.05.2012        2,93MB        4.0.30319
Microsoft .NET Framework 4 Extended        Microsoft Corporation        15.07.2012        51,9MB        4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        15.07.2012        10,6MB        4.0.30319
Microsoft Office PowerPoint Viewer 2007 (German)        Microsoft Corporation        23.05.2012        87,0MB        12.0.4518.1014
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        26.05.2012        348KB        8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        22.09.2009        708KB        8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        22.09.2009        788KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        22.09.2009        596KB        9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319        Microsoft Corporation        15.07.2012        13,6MB        10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        30.07.2012        11,1MB        10.0.40219
Microsoft Works        Microsoft Corporation        23.05.2012                9.7.0621
MMDoC-PDCLive Launcher        Ubisoft        19.08.2012                1.0.1.1
Mozilla Firefox 12.0 (x86 de)        Mozilla        23.05.2012        36,1MB        12.0
Mozilla Maintenance Service        Mozilla        23.05.2012        214KB        12.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        24.05.2012        1,27MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        24.05.2012        1,33MB        4.20.9876.0
NVIDIA Drivers        NVIDIA Corporation        22.09.2009                1.4
NVIDIA PhysX        NVIDIA Corporation        22.09.2009        119MB        9.09.0428
Pando Media Booster        Pando Networks Inc.        28.05.2012        5,46MB        2.6.0.7
Power2Go        CyberLink Corp.        22.09.2009        169MB        6.0.3101
PowerDirector        CyberLink Corp.        22.09.2009        521MB        7.0.3101
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        22.09.2009                6.0.1.5882
Smite Closed Beta        Hi-Rez Studios        23.06.2012                0.1.1018.0
Square Enix Secure Launcher        Square Enix        27.08.2012                1.0.0.104
Steam        Valve Corporation        26.05.2012        35,4MB        1.0.0.0
Uninstall AOL Emergency Connect Utility 1.0                31.05.2012               
Unity Web Player        Unity Technologies ApS        30.07.2012        12,0MB       
Viewpoint Media Player                31.05.2012               
WinRAR 4.11 (64-Bit)        win.rar GmbH        30.05.2012                4.11.0
Code:
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        19.08.2012        6,00MB        11.3.300.271
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        19.08.2012        6,00MB        11.3.300.271
AOL Mail and AIM Gadget        AOL LLC        31.05.2012        567KB        1.0.0
AOL Registration                31.05.2012               
AOL Toolbar for Firefox        AOL LLC        31.05.2012                5.13.6.2
AOL Toolbar for Internet Explorer        AOL LLC        31.05.2012                5.13.4.1
AOL Uninstaller (Choose which Products to Remove)        AOL LLC        31.05.2012               
Apple Application Support        Apple Inc.        29.06.2012        61,0MB        2.1.9
Apple Mobile Device Support        Apple Inc.        29.06.2012        24,9MB        5.2.0.6
Apple Software Update        Apple Inc.        29.06.2012        2,38MB        2.1.3.127
Avira Free Antivirus        Avira        30.07.2012        111MB        12.0.0.1167
Avira SearchFree Toolbar plus Web Protection        Ask.com        30.07.2012        4,67MB        1.15.4.0
Avira SearchFree Toolbar plus Web Protection Updater        Ask.com        30.07.2012                1.3.0.23930
Bonjour        Apple Inc.        29.06.2012        2,00MB        3.0.0.10
CCleaner        Piriform        22.08.2012                3.22
Compatibility Pack für 2007 Office System        Microsoft Corporation        23.05.2012        55,1MB        12.0.4518.1014
CyberLink DVD Suite Deluxe        CyberLink Corp.        22.09.2009        16,4MB        6.0.3101
Druckerdeinstallation für EPSON BX305 Series        SEIKO EPSON Corporation        04.08.2012               
EPSON BX305 Series Handbuch                04.08.2012               
EPSON BX305 Series Netzwerk-Handbuch                04.08.2012               
Epson Easy Photo Print 2        SEIKO EPSON CORPORATION        04.08.2012                2.2.0.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)        SEIKO EPSON CORPORATION        04.08.2012                1.00.0000
Epson FAX Utility        SEIKO EPSON CORPORATION        04.08.2012                1.10.00
Epson PC-FAX Driver                04.08.2012               
EPSON Scan        Seiko Epson Corporation        04.08.2012               
EpsonNet Setup 3.3        SEIKO EPSON CORPORATION        04.08.2012                3.3a
Europe MapleStory        Nexon        15.07.2012               
Google Chrome        Google Inc.        28.05.2012                21.0.1180.83
Google Toolbar for Internet Explorer        Google Inc.        21.08.2012                7.4.3203.136
Guild Wars 2        NCsoft Corporation, Ltd.        31.07.2012               
Hardwarediagnosetools        PC-Doctor, Inc.        24.05.2012                6.0.5205.31
Hi-Rez Studios Authenticate and Update Service        Hi-Rez Studios        16.06.2012                3.0.0.0
HP Customer Experience Enhancements        Hewlett-Packard        22.09.2009                5.7.0.3036
HP MediaSmart DVD        Hewlett-Packard        22.09.2009        101MB        3.0.3123
HP MediaSmart Movie Themes        Hewlett-Packard        22.09.2009        399MB        3.0.3102
HP MediaSmart Music/Photo/Video        Hewlett-Packard        22.09.2009        401MB        3.0.3205
HP MediaSmart SmartMenu        Hewlett-Packard        22.09.2009        1,85MB        3.0.28.2
HP Odometer        Hewlett-Packard        22.09.2009        48,0KB        2.10.0000
HP Remote Solution        TopSeed        22.09.2009                1.1.9.0
HP Setup        Hewlett-Packard        22.09.2009                1.2.3220.3079
HP Support Information        Hewlett-Packard        22.09.2009        160KB        10.1.0002
HP Update        Hewlett-Packard        22.09.2009        2,96MB        5.001.000.014
Intel® Matrix Storage Manager        Intel Corporation        23.05.2012               
iTunes        Apple Inc.        29.06.2012        184MB        10.6.3.25
Java(TM) 7 Update 5        Oracle        04.07.2012        99,3MB        7.0.50
JavaFX 2.1.1        Oracle Corporation        04.07.2012        20,8MB        2.1.1
LabelPrint        CyberLink Corp.        22.09.2009        230MB        2.5.1901
League of Legends        Riot Games        29.05.2012                1.02.0000
LightScribe System Software        LightScribe        22.09.2009        22,4MB        1.18.5.1
Malwarebytes Anti-Malware Version 1.62.0.1300        Malwarebytes Corporation        29.08.2012        18,7MB        1.62.0.1300
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        25.05.2012        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        25.05.2012        2,93MB        4.0.30319
Microsoft .NET Framework 4 Extended        Microsoft Corporation        15.07.2012        51,9MB        4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        15.07.2012        10,6MB        4.0.30319
Microsoft Office PowerPoint Viewer 2007 (German)        Microsoft Corporation        23.05.2012        87,0MB        12.0.4518.1014
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        26.05.2012        348KB        8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        22.09.2009        708KB        8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        22.09.2009        788KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        22.09.2009        596KB        9.0.30729
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319        Microsoft Corporation        15.07.2012        13,6MB        10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        30.07.2012        11,1MB        10.0.40219
Microsoft Works        Microsoft Corporation        23.05.2012                9.7.0621
MMDoC-PDCLive Launcher        Ubisoft        19.08.2012                1.0.1.1
Mozilla Firefox 12.0 (x86 de)        Mozilla        23.05.2012        36,1MB        12.0
Mozilla Maintenance Service        Mozilla        23.05.2012        214KB        12.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        24.05.2012        1,27MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        24.05.2012        1,33MB        4.20.9876.0
NVIDIA Drivers        NVIDIA Corporation        22.09.2009                1.4
NVIDIA PhysX        NVIDIA Corporation        22.09.2009        119MB        9.09.0428
Pando Media Booster        Pando Networks Inc.        28.05.2012        5,46MB        2.6.0.7
Power2Go        CyberLink Corp.        22.09.2009        169MB        6.0.3101
PowerDirector        CyberLink Corp.        22.09.2009        521MB        7.0.3101
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        22.09.2009                6.0.1.5882
Smite Closed Beta        Hi-Rez Studios        23.06.2012                0.1.1018.0
Square Enix Secure Launcher        Square Enix        27.08.2012                1.0.0.104
Steam        Valve Corporation        26.05.2012        35,4MB        1.0.0.0
Uninstall AOL Emergency Connect Utility 1.0                31.05.2012               
Unity Web Player        Unity Technologies ApS        30.07.2012        12,0MB       
Viewpoint Media Player                31.05.2012               
WinRAR 4.11 (64-Bit)        win.rar GmbH        30.05.2012                4.11.0

kira 30.08.2012 12:40
Systemreinigung und Prüfung:

► Wenn Du nun alle Schritte erledigt hast, melde dich mit die gewünschten Ergebnisse zurück!
Nur bei Probleme inzwischen melden!

1.
Deinstalliere:
Zitat:
Avira SearchFree Toolbar plus Web Protection Ask.com 30.07.2012 4,67MB 1.15.4.0
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 30.07.2012 1.3.0.23930
Info
Hinweise zum Einsatz von Freeware-Version Avira AntiVir Personal:
Hier klicken zum Weiterlesen:
-> http://www.chip.de/news/AntiVir-Serv..._45444953.html
► Wer möchte diese Adware auf seinen Rechner haben?!
Lieber ohne Webguard, als mit Adware...http://www.world-of-smilies.com/wos_sonstige/a048.gif

2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript also - nach dem "Code", alles was in der Codebox steht - (also beginnend mit :OTL und am Ende [emptytemp]), alles was in der Codebox steht (ohne "code"!) :
Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {443789B7-F39C-4b5c-9287-DA72D38F4FE6}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce} - No CLSID value found
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes,DefaultScope = {BAF60B34-BC2D-4D38-BF52-8D31949C6020}
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE485
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{7CC9E4CC-8D7D-4FC5-A0B8-3C2B3C11CD4B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=59675911-666a-4285-8fe3-4a193a56f922&apn_sauid=5121E15B-592C-418B-931F-963DEA89D1AD
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2090540
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3062770422-598456700-373322868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.04.18 19:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2c13933-a4de-11e1-96fd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2010.01.18 07:03:00 | 000,129,000 | R--- | M] (Seiko Epson Corporation)
[2012.08.29 20:00:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.29 17:00:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

3.
Java aktualisieren- über Systemsteuerung-> Nach Update suchen...
oder:
Downloade nun die Offline-Version von Java "Empfohlen Version Java(TM) 7 Update 5 " von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also während der Installation den Haken bei der Toolbar entfernen.
Tipp: -> Java-Updates konfigurieren

4.
Alle Programme/Fenster schliessen
Java-Cache leeren

Start => Systemsteuerung => Java => Allgemein => Temporäre Internet-Dateien "Einstellungen" => Dateien löschen => Haken bei "Anwendungen und Applets" sowie bei "Verfolgungs- und Protokolldateien" setzen => OK
-> Wie leere ich den Java-Cache?
-> Java-Cache leeren
-> Kurze Videoanleitung wie man unter Windows 7 und XP den JAVA Cache löschen kann.

5.
Aktualisieren:
-> Mozilla Firefox-> Hilfe -> über Menü Hilfe -> "Über Firefox"
Info:-> Firefox auf die letzte Version aktualisieren

6.
Tipps - Der Internet Explorer von Microsoft gehört zur Grundausstattung unter Windows, somit wie alle andere installierte Software muss gepflegt werden! Auch bei Nicht-Verwendung!:
-> Tipps zu Internet Explorer
-> Standard Suchmaschine des Explorers ändern
-> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8
-> Wie kann ich den Cache im Internet Explorer leeren?

7.
Alle Programme/Fenster schliessen
reinige dein System mit CCleaner:
  • "CCleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

8.
Vorbereitung
  • Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
  • Bitte während der Online-Scans deaktivieren:
    Anti-Virus-Programm und Firewall.
  • Internet Explorer starten => im Menü unter Extras => Internetoption => Datenschutz => den Haken bei "Popupblocker einschalten" entfernen und
  • unter dem Reiter "Sicherheit" => die Sicherheitsstufe ggfs. auf "Mittelhoch" herabsetzen.
    Nicht vergessen, sie hinterher wieder einzuschalten bzw. die Internetoptionen wie zuvor einzustellen..
  • Während der Online-Scans auf andere Online-Aktivitäten verzichten.
  • Du musst das Herunterladen und Installieren von ActiveX-Steuerelementen (Controls) zulassen.

  • http://image.hijackthis.eu/upload/activex1.jpg
    .

Den PC NUR online scannen und NICHT ein zweites Antivirenprogramm installieren!!!
  • Eset Online Scanner (NOD32)
    • Unterstützte Betriebssysteme: Microsoft Windows 7 - Vista - XP - 2000 - NT.
    • Anmerkung für Vista und Windows 7-User: Bitte den Browser unbedingt als Administrator starten.
    • Dein Anti-Virus-Programm während des Scans deaktivieren.
    • Button "ESET Online Scanner" drücken.
    • IE-User müssen das Installieren eines ActiveX Elements erlauben.
    • Einen Haken bei "YES, I accept the Terms of Use." machen und auf den Button "Start" drücken.
    • Einen Haken bei "Remove found threads" und "Scan archives" machen.
    • Start drücken.
    • Signaturen werden heruntergeladen.
    • Der Scan beginnt automatisch.
    • Wenn fertig, das Protokoll speichern und mir posten.
      -> List of found threats
      -> Export to text file
      -> Back
      -> Delete quarantäne files
    • Finish drücken.
    • Browser schließen.
    • Deinstallation nachdem das Protokoll mir gepostet hast: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
    • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

9.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:14 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27