hallihallo! :)
danke für die schnelle antwort!
vorab noch eine info: als ich chrome geöffnet habe um hier auf dem board zu antworten,
kam eine meldung, die datei wäre beschädigt (?). ich wurde aber nicht wie üblich auf die qvo6 startseite gezwungen.
hier die gewünschten logs:
Adw Cleaner Code:
# AdwCleaner v2.300 - Datei am 07/05/2013 um 21:52:05 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Feeluck - FEELUCK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Feeluck\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\Feeluck\AppData\Roaming\dvdvideosoftiehelpers
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=1367838677
Daten Gelöscht : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=1367838677
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitUninstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_1_RASMANCS
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16476
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=1367838677 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=1367838677 --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.39] : keyword = "qvo6",
Gelöscht [l.43] : search_url = "hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCX[...]
Gelöscht [l.2422] : homepage = "hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S[...]
Gelöscht [l.3000] : urls_to_restore_on_startup = [ "hxxp://www.qvo6.com/?utm_source=b&utm_medium=newgdp&from=newg[...]
*************************
AdwCleaner[S1].txt - [3423 octets] - [07/05/2013 21:52:05]
########## EOF - C:\AdwCleaner[S1].txt - [3483 octets] ##########
OTL Code:
OTL logfile created on: 07.05.2013 21:55:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Feeluck\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 6,54 Gb Available Physical Memory | 82,14% Memory free
15,92 Gb Paging File | 14,35 Gb Available in Paging File | 90,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,29 Gb Total Space | 75,72 Gb Free Space | 50,38% Space Free | Partition Type: NTFS
Drive D: | 300,00 Gb Total Space | 240,38 Gb Free Space | 80,13% Space Free | Partition Type: NTFS
Drive E: | 1412,62 Gb Total Space | 1166,68 Gb Free Space | 82,59% Space Free | Partition Type: NTFS
Computer Name: FEELUCK-PC | User Name: Feeluck | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.07 21:42:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Feeluck\Desktop\OTL.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.12.31 05:47:49 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.01.27 11:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2009.12.03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.31 05:47:49 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.08.27 22:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 22:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.03 07:27:50 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2009.09.14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.01.10 21:44:02 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.03 07:27:44 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012.07.09 14:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.05.14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.27 11:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 11:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 11:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.06 10:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.01.06 10:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.12.15 21:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.11.10 02:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.12.30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=3145797
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD20EURS-63S48Y0_WD-WCAZAA98094880948&ts=3145797
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 51 46 75 EE F1 CD 01 [binary data]
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\..\SearchScopes\{04B4D22D-9745-486d-8A91-D9EF43FDC614}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\..\SearchScopes\{1C93BC1D-D7B7-4ca1-BF21-67DB376CA421}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
========== Chrome ==========
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Happy Cloud Plugin (Enabled) = C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
CHR - Extension: YouTube = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: Stealthy = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0\
CHR - Extension: Google Mail = C:\Users\Feeluck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.04.22 08:46:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000..\Run: [EPSON BX305 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGJE.EXE /FU "C:\Users\Feeluck\AppData\Local\Temp\E_SFB43.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - Startup: C:\Users\Feeluck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2CAA687-FBD2-42CE-9AA2-EED36956580C}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.22 07:43:26 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.07 21:42:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Feeluck\Desktop\OTL.exe
[2013.05.07 10:06:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.07 10:05:00 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2013.05.07 10:05:00 | 000,000,000 | ---D | C] -- C:\Users\Feeluck\AppData\Local\Temp
[2013.04.27 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\Feeluck\Desktop\usbstick nesaja
[2013.04.22 08:43:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.22 08:43:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.22 08:43:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.22 08:40:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.22 08:40:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.22 08:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.22 07:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.04.22 07:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.04.22 02:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems
[2013.04.22 02:43:08 | 000,000,000 | ---D | C] -- C:\Users\Feeluck\AppData\Roaming\Sinvise Systems
[2013.04.22 02:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sinvise Systems
[2013.04.22 02:42:39 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.22 02:42:39 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.22 02:42:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.04.22 02:42:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.15 01:49:45 | 000,000,000 | ---D | C] -- C:\Users\Feeluck\Documents\My Games
[2013.04.15 01:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2013.04.11 03:00:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.11 03:00:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.11 03:00:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 03:00:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 03:00:50 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.11 03:00:49 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 03:00:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.11 03:00:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.11 03:00:49 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 03:00:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.11 03:00:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.11 03:00:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.11 03:00:48 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 03:00:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 03:00:48 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.10 12:27:06 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 12:27:06 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 12:27:06 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 12:27:06 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 12:27:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 12:27:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 12:26:50 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 12:26:50 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 12:26:49 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 12:26:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 12:26:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 12:26:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.07 21:53:14 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.07 21:52:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.07 21:52:52 | 2117,791,743 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.07 21:42:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Feeluck\Desktop\OTL.exe
[2013.05.07 21:42:50 | 000,628,743 | ---- | M] () -- C:\Users\Feeluck\Desktop\adwcleaner.exe
[2013.05.07 21:03:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.07 16:55:01 | 000,021,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.07 16:55:01 | 000,021,808 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.07 10:01:08 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2013.05.07 09:59:40 | 001,269,060 | ---- | M] () -- C:\Users\Feeluck\Desktop\zoek.exe
[2013.05.06 15:43:48 | 000,034,398 | ---- | M] () -- C:\Users\Feeluck\Desktop\L! Chattia Gießen.pdf
[2013.04.27 15:19:55 | 001,173,030 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.27 15:19:55 | 000,773,062 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.27 15:19:55 | 000,292,358 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.27 15:19:55 | 000,251,980 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.27 15:19:55 | 000,005,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.23 03:48:21 | 000,821,635 | ---- | M] () -- C:\Users\Feeluck\Desktop\pse.pdf
[2013.04.23 03:47:19 | 000,009,260 | ---- | M] () -- C:\Users\Feeluck\Desktop\uebungsblatt nr.2.pdf
[2013.04.23 03:47:10 | 000,050,412 | ---- | M] () -- C:\Users\Feeluck\Desktop\uebungsblatt nr.1.pdf
[2013.04.22 08:46:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.22 08:32:53 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.22 07:43:26 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.04.22 07:40:07 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.22 07:28:15 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.22 07:28:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.22 02:48:11 | 000,002,815 | ---- | M] () -- C:\Users\Feeluck\Desktop\Shutdown Timer.lnk
[2013.04.22 02:47:52 | 000,000,977 | ---- | M] () -- C:\Users\Feeluck\Desktop\miranda32 - Verknüpfung.lnk
[2013.04.15 01:48:52 | 000,001,518 | ---- | M] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2013.04.11 03:19:13 | 000,294,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.07 21:42:47 | 000,628,743 | ---- | C] () -- C:\Users\Feeluck\Desktop\adwcleaner.exe
[2013.05.07 10:05:01 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013.05.07 09:59:38 | 001,269,060 | ---- | C] () -- C:\Users\Feeluck\Desktop\zoek.exe
[2013.05.06 15:43:45 | 000,034,398 | ---- | C] () -- C:\Users\Feeluck\Desktop\L! Chattia Gießen.pdf
[2013.04.23 03:48:21 | 000,821,635 | ---- | C] () -- C:\Users\Feeluck\Desktop\pse.pdf
[2013.04.23 03:47:19 | 000,009,260 | ---- | C] () -- C:\Users\Feeluck\Desktop\uebungsblatt nr.2.pdf
[2013.04.23 03:47:10 | 000,050,412 | ---- | C] () -- C:\Users\Feeluck\Desktop\uebungsblatt nr.1.pdf
[2013.04.22 08:43:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.22 08:43:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.22 08:43:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.22 08:43:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.22 08:43:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.22 08:32:53 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.22 07:43:26 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.04.22 02:48:11 | 000,002,815 | ---- | C] () -- C:\Users\Feeluck\Desktop\Shutdown Timer.lnk
[2013.04.22 02:47:52 | 000,000,977 | ---- | C] () -- C:\Users\Feeluck\Desktop\miranda32 - Verknüpfung.lnk
[2013.04.15 01:48:52 | 000,001,518 | ---- | C] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2012.12.20 00:42:36 | 000,000,527 | ---- | C] () -- C:\Users\Feeluck\metin2 - Verknüpfung.lnk
[2012.11.18 10:33:12 | 000,000,095 | ---- | C] () -- C:\Users\Feeluck\AppData\Local\fusioncache.dat
[2012.11.18 10:32:24 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.17 23:41:35 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.11.17 23:20:02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.28 03:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 03:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.12.08 17:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:A4AF8D0D
@Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:EE69D7DF
< End of report >
Extras Code:
OTL Extras logfile created on: 07.05.2013 21:55:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Feeluck\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 6,54 Gb Available Physical Memory | 82,14% Memory free
15,92 Gb Paging File | 14,35 Gb Available in Paging File | 90,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,29 Gb Total Space | 75,72 Gb Free Space | 50,38% Space Free | Partition Type: NTFS
Drive D: | 300,00 Gb Total Space | 240,38 Gb Free Space | 80,13% Space Free | Partition Type: NTFS
Drive E: | 1412,62 Gb Total Space | 1166,68 Gb Free Space | 82,59% Space Free | Partition Type: NTFS
Computer Name: FEELUCK-PC | User Name: Feeluck | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10125920-2527-498B-A7BB-030361ABF564}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17AD509A-C69E-4FA4-8AFF-6312CA6548D8}" = rport=445 | protocol=6 | dir=out | app=system |
"{21476AB9-F425-4ED1-8194-8347354D3D4E}" = lport=57986 | protocol=17 | dir=in | name=pando media booster |
"{35C6A4BA-BBFA-4AC4-A514-837C159217AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B9A178C-05A0-4D3E-AA0C-51AD8A73DD7A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CF047AF-0802-4596-905F-395FE4E508C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D0A7BA3-F89B-426E-8D02-68AACFD3E322}" = lport=138 | protocol=17 | dir=in | app=system |
"{5399EFFA-293A-4214-91A3-D7E723DC31B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B6C8D6E-D580-40B9-9DD8-C01E31126939}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65A107D3-1EB4-42FB-AA14-4B6957AF3CB5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{76D68D29-1139-485C-BB7D-5AA44E5C6C83}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E2AD55A-5213-4338-98FC-4A1E3EF53BE5}" = lport=137 | protocol=17 | dir=in | app=system |
"{8F8A2DA6-242F-4372-9AF3-B92405F70B53}" = lport=139 | protocol=6 | dir=in | app=system |
"{9E85E3C5-948F-486F-B0A9-A0A3764C6106}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A12A38A8-ECCB-4CE6-9E7C-511C5A288B09}" = rport=139 | protocol=6 | dir=out | app=system |
"{A2CC3E69-699A-49FB-BED5-B398F8B69C80}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A9C50993-92FE-470A-813F-0DE36DC5D008}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7DE8FE7-BED7-4EEF-9D5B-59F8E0A4C64B}" = lport=57986 | protocol=6 | dir=in | name=pando media booster |
"{B8D549B4-FBB8-4AAE-A8D1-D38B1553E09C}" = lport=57986 | protocol=17 | dir=in | name=pando media booster |
"{BE7F81CF-6886-428A-B61D-E431A8327509}" = rport=138 | protocol=17 | dir=out | app=system |
"{C59B9CA5-3E30-4C4E-92FB-18BB86F90EB5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D2B9C69A-EA9E-443A-A4C9-CC1243211FEC}" = lport=57986 | protocol=6 | dir=in | name=pando media booster |
"{D347D1CF-EBCA-4E2E-950A-1AB58596D9E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D780506B-443D-43F5-9212-D7D52963DC27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBC31EAA-77AF-43E1-B175-5B25664A84D2}" = lport=445 | protocol=6 | dir=in | app=system |
"{FCAB28A9-01B9-4F1C-9657-E7CF9CA71061}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FF769323-5038-41C0-A6B8-D0F9C3E8281A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A6114E-C9F1-42B3-A102-19F549993970}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{01FDCD5B-A800-4115-94BD-D7EC15A830F9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{21D918BE-37EE-4152-BC7A-7F7C2667D965}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{253DBE96-B0A4-4E87-8EEF-37D91B9E9082}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{2DE9AEB3-9FB8-49B2-905E-689F8BFAB0B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{34B9592D-E4FE-44BD-B472-F6B215EA91BF}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{36214223-C755-4C79-ADAF-650DDDAD31DC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{42BD88B2-42E0-4020-92FF-235B5C15E337}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5CF4352B-85F8-4B49-9A37-672E4B35A33F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{622D0B6B-D67A-49C7-BB6C-CF815982690B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{648457F7-7C70-4177-AF7E-79124DA61E2A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{67E17BA7-8509-40A1-AA8C-FC8D5A7CF072}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\limbo\limbo.exe |
"{6CFFC175-BFD0-46EE-B219-32C8168976B1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7C4A12CE-ADE2-41C6-8A2F-2D39C61492A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A644390-C10E-4C3F-A4B3-FB4170B21FF8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C284C45-61D9-4FA8-B6BA-8A0748330786}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\limbo\limbo.exe |
"{952A3C35-8804-4F84-8B2C-E6F8613FEAB2}" = protocol=6 | dir=out | app=system |
"{9923311D-9AF9-41E7-93D2-BA636098A2ED}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A7F1D7B2-1426-4CDC-B2AD-F77E63ECCF38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8C5602C-D657-4443-A494-30DAA7A2C75B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC346E9B-4338-406E-8017-65C13F375F43}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B71B51A4-9218-4EF7-A002-9AE1D73F048E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B9522821-692D-4318-84A5-E65743420AAC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6470169-58E9-4590-8C86-CE335530A4FA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CE824620-BC5F-4844-AB01-6E1DFEEB5A0C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D35D8C87-5549-4FC7-A1C2-FE2E44C20856}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D480B81A-6D40-4389-AB07-2C9591F63E06}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB9C067E-4ECF-4282-B360-002C2B4F6044}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCF0AAC9-E873-4FCC-94CC-1EB6A9FDF7FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFC9AF84-0E8C-4ECD-93AB-AB8DEC662EA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0277FD6-50F6-4674-8FA6-024EB24A04D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EACA6D78-54ED-48DA-90B1-515CAFEADA2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF4A3FFD-AE9F-4C2B-AA8A-D8EC76500F9B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F53BD809-17AC-465B-A3A9-089A082C3EAF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FB81AB66-2419-4F1B-8B73-517AAEACEE87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{3E7760DF-5DB1-4F8D-88C2-8DA3701A9336}D:\metin2\metin2client.bin" = protocol=6 | dir=in | app=d:\metin2\metin2client.bin |
"TCP Query User{4A7706F0-6F48-4198-BE7F-E1C5B9D7AC4F}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
"TCP Query User{85057E50-B62A-4AEA-9A8A-61990424F162}D:\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\tera\tera-launcher.exe |
"TCP Query User{B97EDF45-F491-4E10-833A-31253FCB6811}D:\zeug\miranda\miranda32.exe" = protocol=6 | dir=in | app=d:\zeug\miranda\miranda32.exe |
"TCP Query User{E21EF355-A6E0-420F-891C-1161EDC6941F}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{567DEFB5-D3E0-4E47-A2B6-2AEF44BC0CC5}D:\zeug\miranda\miranda32.exe" = protocol=17 | dir=in | app=d:\zeug\miranda\miranda32.exe |
"UDP Query User{AF2E3143-54E6-4615-8C34-298AF6A53615}D:\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\tera\tera-launcher.exe |
"UDP Query User{E8B326F0-165D-4B02-974F-63DA6011A29C}C:\program files (x86)\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{ED7CDFE1-062D-4262-8A9D-A72E8DA623EB}D:\metin2\metin2client.bin" = protocol=17 | dir=in | app=d:\metin2\metin2client.bin |
"UDP Query User{FCFB8E85-FFC3-4CC1-AE8E-43C9200591FE}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06CB0DD1-71A5-F352-E0A9-FE6016380A8F}" = AMD Drag and Drop Transcoding
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"EPSON BX305 Series" = Druckerdeinstallation für EPSON BX305 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}" = Shutdown Timer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = Catalyst Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = „Der Herr der Ringe Online™“ v03.08.00.8025
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"bc8a6440-918f-11dd-ad8b-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.17.01.801
"BFGC" = Big Fish Games: Game Manager
"BFG-Drawn - Der Turm" = Drawn®: Der Turm ™
"BFG-Drawn - Flucht aus der Dunkelheit" = Drawn®: Flucht aus der Dunkelheit ™
"BFG-Drawn - Gefaehrliche Schatten" = Drawn: Gefährliche Schatten
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Miranda IM" = Miranda IM 0.10.12
"QType" = Quickly type(english)
"Steam App 48000" = LIMBO
"VLC media player" = VLC media player 2.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2159210148-4085374171-1169642832-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HappyCloud" = Happy Cloud Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.05.2013 06:50:07 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.05.2013 05:33:49 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.05.2013 06:14:54 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.05.2013 07:11:25 | Computer Name = Feeluck-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bca28 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x770f1221 ID des fehlerhaften
Prozesses: 0x12f0 Startzeit der fehlerhaften Anwendung: 0x01ce4a4a7013972f Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: b03e0c50-b63d-11e2-bf70-902b3437f8d1
Error - 06.05.2013 07:11:28 | Computer Name = Feeluck-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bca28 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x770f1221 ID des fehlerhaften
Prozesses: 0x1548 Startzeit der fehlerhaften Anwendung: 0x01ce4a4a7466d4e6 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: b218c6b3-b63d-11e2-bf70-902b3437f8d1
Error - 07.05.2013 00:04:45 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.05.2013 03:45:53 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.05.2013 04:07:34 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.05.2013 10:49:26 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.05.2013 15:54:45 | Computer Name = Feeluck-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 07.05.2013 04:02:47 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:48 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:48 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:49 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:50 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:50 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:51 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:52 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:52 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 07.05.2013 04:02:53 | Computer Name = Feeluck-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
< End of report >
|
AdwCleaner auf deinen Desktop.
SecurityCheck und:
Aktualität von System und Software
Textbox. 