Seite 1 von 3 123 LetzteLetzte
Ergebnis 1 bis 10 von 28

Thema: Ist sehr langsam geworden

  1. #1
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    Ist sehr langsam geworden

    Nabend,
    mein pc ist seit ner woche echt lahm z.b. IE9 braucht 10 sek zum start und skype auch usw.
    weiß echt net was ich machen soll habe schon datenträgerbereinigung gemacht und halt alles was ich bei google gefunden habe (außer tuneup)

    Code:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:38:58, on 11.12.2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16455)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Free Download Manager\fdm.exe
    C:\Users\BMW\AppData\Local\Temp\HijackThis.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-21-2820263389-1582751978-2667878151-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-2820263389-1582751978-2667878151-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Startup: No-IP DUC.lnk = C:\Program Files (x86)\No-IP\DUC30.exe
    O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted IP range: http://127.0.0.1
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 9324 bytes
    MFG
    Vik1299
    Geändert von Vik1299 (11.12.2012 um 18:44 Uhr)

  2. #2
    Moderator Team-Mitglied Avatar von Eric Lee
    Registriert seit
    29.07.2012
    Beiträge
    2.397

    AW: Ist sehr langsam geworden

    Hallo Vik1299,

    willkommen im Forum. Ich werde versuchen dir bei deinem Problem behilflich zu sein

    - Punkt 1 -
    Zu Beginn ein Hinweis: Bitte lesen. Danach geht es los.

    - Punkt 2 -
    Tritt das Problem bei allen Programmen auf, auch bei Systemstart oder "hängt" der PC wenn du z.B. Text eingibst? Tritt das Problem noch auf wenn du den PC in den abgesicherten Modus mit Netzwerktreibern (beachte Petras Anleitung hier) startest? Verändert sich etwas wenn du NO-IP deaktivierst?

    - Punkt 3-
    Mache einen OTL Systemscan nach folgender Anleitung. Hijackthis ist für aktuelle Betriebssysteme wie Vista/7/8 leider nicht geeignet, dort hilft uns OTL. Außerdem liste mir bitte die Autostart Einträge mit CCleaner.

    1)
    • Lade dir OTL von OldTimer herunter und speichere es auf deinem Desktop.
    • Schließe alle anderen Programme.
    • Windows Vista/7 User: Starte das Programm via Rechtsklick > als Administrator ausführen.
    • Wähle bei allen Einstellungen "Benutze SafeList", hake "Alle Benutzer" und falls erforderlich "64Bit Scans" an. Aktiviere Standard Ausgabe sowie LOP und Purity Prüfung.
    • Starte den Scan.
    • Nach dem Scan werden zwei Logfiles (OTL.txt und Extras.txt) erstellt. Anonymisiere falls erforderlich Nutzernamen durch ***** und poste sie hier im Forum. Benutze bitte die #Code-Tags.


    2)
    • Lade dir bitte CCleaner von Piriform herunter und installiere das Programm. Falls eine Toolbar oä. angeboten wird wähle das Angebot ab.
    • Starte das Programm und wähle unter Extas die Karte "Autostart".
    • Speichere die Autostarteinträge über "Als Textdatei speichern..." und poste den Inhalt hier im Forum. Auch hier benutze bitte die #Code-Tags.


    - Punkt 4 -
    Gib mir bitte noch einen kurzen Überblick über "alles was ich bei google gefunden habe". Stichpunkte reichen

    Schönen Gruß,
    Eric Lee
    | Neu hier? Bitte abarbeiten. | Forenregeln | Feedback | Stellenausschreibung im Forum | OS X or BSD Malware? PM me. |
    | Danke 1uV829dYGPwKk8Q1khoH4o9MuEqWSgyXE (BTC) | Browser TLSv1.2? | Wie sicher ist dein Browser? | How unique are you? |

  3. #3
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    AW: Ist sehr langsam geworden

    Doubble Posting
    Geändert von Vik1299 (11.12.2012 um 20:56 Uhr) Grund: Doubble Posting

  4. #4
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    AW: Ist sehr langsam geworden

    1.erledigt
    2.kein unterschied
    3.alles unten
    4. -defrag
    -datenträgerbereinigung
    -temp ordner leeren
    -alle unnötigen dienste und autostart ausmachen

    OTL.txt
    Code:
    OTL logfile created on: 11.12.2012 20:19:27 - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\BMW\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    4,00 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 58,80% Memory free
    7,99 Gb Paging File | 6,44 Gb Available in Paging File | 80,62% Paging File free
    Paging file location(s): c:\pagefile.sys 4093 8192 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 686,30 Gb Total Space | 532,66 Gb Free Space | 77,61% Space Free | Partition Type: NTFS
    Drive F: | 245,12 Gb Total Space | 188,01 Gb Free Space | 76,70% Space Free | Partition Type: NTFS
     
    Computer Name: BMW-PC | User Name: BMW | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2012.12.11 20:12:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BMW\Desktop\OTL.exe
    PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
    PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012.10.28 18:57:10 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2010.11.17 02:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010.03.08 03:50:00 | 000,235,560 | ---- | M] () -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe
    PRC - [2008.06.12 21:05:04 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe
     
     
    ========== Modules (No Company Name) ==========
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV - [2012.11.19 21:48:16 | 002,462,128 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012.10.28 18:57:10 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2012.10.19 15:56:30 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012.10.02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012.10.02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012.10.02 11:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012.08.18 11:38:26 | 000,022,016 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.4)
    SRV - [2012.08.03 12:22:18 | 000,010,240 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService)
    SRV - [2012.07.17 15:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010.03.08 03:50:00 | 000,235,560 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe -- (Marvell RAID)
    SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008.06.12 21:05:04 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe -- (MRUWebService)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2012.11.24 12:52:27 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
    DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.12.15 20:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2011.09.29 10:30:34 | 000,646,248 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2011.09.16 08:12:58 | 000,032,360 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
    DRV:64bit: - [2011.06.15 14:11:20 | 000,058,472 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
    DRV:64bit: - [2011.06.15 14:11:20 | 000,027,136 | ---- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
    DRV:64bit: - [2011.05.18 16:57:32 | 000,041,256 | ---- | M] (SeriousBit) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (Nbdrv)
    DRV:64bit: - [2010.11.20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
    DRV:64bit: - [2010.11.20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
    DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
    DRV:64bit: - [2010.11.20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
    DRV:64bit: - [2010.11.19 03:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2010.11.19 03:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
    DRV:64bit: - [2010.04.27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
    DRV:64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
    DRV:64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
    DRV:64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
    DRV:64bit: - [2010.02.23 20:31:08 | 000,769,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\arusb_win7x.sys -- (arusb_win7x)
    DRV:64bit: - [2009.10.27 07:37:14 | 000,022,568 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
    DRV:64bit: - [2009.08.13 07:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
    DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
    DRV:64bit: - [2009.04.28 02:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009.04.28 02:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
    DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
    DRV - [2010.07.01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
    DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (All) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     
     
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
     
    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
     
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A E3 56 76 5B B4 CD 01  [binary data]
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..\SearchScopes,DefaultScope = {58A35188-F41B-4978-885B-A2290E915706}
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..\SearchScopes\{58A35188-F41B-4978-885B-A2290E915706}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A E3 56 76 5B B4 CD 01  [binary data]
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..\SearchScopes,DefaultScope = {58A35188-F41B-4978-885B-A2290E915706}
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..\SearchScopes\{58A35188-F41B-4978-885B-A2290E915706}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
     
    ========== FireFox ==========
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
     
     
     
    O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Microsoft-Konto-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000..\Run: [Clownfish]  File not found
    O4 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
    O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
    O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
    O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..Trusted Ranges: Range1 ([http] in Trusted sites)
    O15 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
    O15 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..Trusted Ranges: Range1 ([http] in Trusted sites)
    O15 - HKU\S-1-5-21-2820263389-1582751978-2667878151-1003\..Trusted Ranges: Range1 ([https] in Trusted sites)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D16CE02D-3D03-4769-9020-555A79FC65BD}: DhcpNameServer = 192.168.178.1
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.12.11 20:12:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\BMW\Desktop\OTL.exe
    [2012.12.11 19:06:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
    [2012.12.11 18:58:46 | 000,000,000 | ---D | C] -- C:\Users\BMW\Documents\Registry_backups
    [2012.12.11 18:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2012.12.11 18:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2012.12.09 16:40:01 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2012.12.09 16:40:01 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
    [2012.12.09 16:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
    [2012.12.09 16:39:59 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
    [2012.12.09 16:39:58 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2012.12.09 16:39:58 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2012.12.09 16:39:51 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2012.12.09 16:39:51 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2012.12.09 16:38:23 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2012.12.09 16:38:22 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2012.12.09 16:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2012.12.09 16:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2012.12.09 16:27:39 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2012.12.09 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    [2012.12.09 12:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
    [2012.12.09 00:48:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
    [2012.12.09 00:30:56 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\Malwarebytes
    [2012.12.09 00:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012.12.09 00:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012.12.09 00:30:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012.12.09 00:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012.12.08 23:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACR
    [2012.12.08 18:39:33 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\Vitalwerks
    [2012.12.08 18:39:25 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
    [2012.12.08 18:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP
    [2012.12.06 15:53:37 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\TeamViewer
    [2012.12.05 19:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
    [2012.12.04 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\Bus Simulator 2012
    [2012.12.04 19:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus-Simulator 2012
    [2012.12.04 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\astragon
    [2012.12.02 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\LogMeIn Hamachi
    [2012.12.02 11:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    [2012.12.02 11:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2012.12.02 10:54:11 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\OpenOffice.org
    [2012.12.02 10:53:47 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
    [2012.12.02 10:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
    [2012.12.01 22:28:46 | 000,000,000 | ---D | C] -- C:\Users\BMW\Documents\Games for Windows - LIVE Demos
    [2012.11.30 20:51:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012.11.30 20:38:41 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\NeoSmart_Technologies
    [2012.11.30 20:38:29 | 000,000,000 | ---D | C] -- C:\NST
    [2012.11.30 20:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
    [2012.11.30 20:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeoSmart Technologies
    [2012.11.30 19:08:20 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
    [2012.11.30 19:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
    [2012.11.29 16:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
    [2012.11.29 16:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\nLite
    [2012.11.27 20:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\racer
    [2012.11.27 19:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\racer0655
    [2012.11.25 19:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
    [2012.11.25 19:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
    [2012.11.25 19:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
    [2012.11.25 18:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mp3DirectCut
    [2012.11.24 12:12:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber
    [2012.11.24 12:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC
    [2012.11.24 12:09:37 | 000,000,000 | R--D | C] -- C:\Users\BMW\Virtual Machines
    [2012.11.24 12:02:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
    [2012.11.24 12:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
    [2012.11.24 11:55:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
    [2012.11.24 11:55:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
    [2012.11.24 11:55:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
    [2012.11.24 11:55:47 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpchbus.sys.mui
    [2012.11.24 11:55:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
    [2012.11.24 11:55:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
    [2012.11.24 11:55:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
    [2012.11.24 11:55:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
    [2012.11.24 11:55:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
    [2012.11.24 11:55:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcvmm.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcuxd.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
    [2012.11.24 11:55:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcnfltr.sys.mui
    [2012.11.24 11:55:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
    [2012.11.24 11:55:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
    [2012.11.24 11:55:45 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
    [2012.11.24 11:55:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
    [2012.11.24 11:55:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcusb.sys.mui
    [2012.11.24 11:55:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
    [2012.11.24 11:55:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
    [2012.11.24 11:55:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
    [2012.11.24 11:55:44 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
    [2012.11.24 11:55:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
    [2012.11.24 11:55:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
    [2012.11.24 11:55:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
    [2012.11.24 11:55:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
    [2012.11.24 11:55:43 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
    [2012.11.24 11:55:43 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
    [2012.11.24 11:55:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
    [2012.11.24 11:55:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
    [2012.11.24 11:55:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
    [2012.11.24 11:55:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
    [2012.11.24 11:55:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
    [2012.11.24 11:55:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
    [2012.11.24 11:55:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
    [2012.11.24 11:55:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
    [2012.11.24 11:55:42 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
    [2012.11.24 11:55:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
    [2012.11.24 11:55:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
    [2012.11.24 11:55:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
    [2012.11.24 11:55:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
    [2012.11.24 11:55:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
    [2012.11.24 11:55:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
    [2012.11.24 11:55:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
    [2012.11.24 11:55:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
    [2012.11.24 11:55:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
    [2012.11.24 11:55:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
    [2012.11.24 11:55:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
    [2012.11.24 11:55:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
    [2012.11.24 11:55:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
    [2012.11.24 11:55:40 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
    [2012.11.24 11:55:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
    [2012.11.24 11:55:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
    [2012.11.24 11:55:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
    [2012.11.24 11:55:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
    [2012.11.24 11:55:39 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
    [2012.11.24 11:55:39 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
    [2012.11.24 11:55:39 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
    [2012.11.24 11:55:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
    [2012.11.24 11:55:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
    [2012.11.24 11:55:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
    [2012.11.24 11:55:38 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
    [2012.11.24 11:55:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
    [2012.11.24 11:55:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
    [2012.11.24 11:55:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
    [2012.11.24 11:55:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
    [2012.11.24 11:55:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
    [2012.11.24 11:55:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
    [2012.11.24 11:55:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
    [2012.11.24 11:55:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
    [2012.11.24 11:55:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
    [2012.11.24 11:55:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
    [2012.11.24 11:55:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
    [2012.11.24 11:55:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
    [2012.11.24 11:55:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
    [2012.11.24 11:55:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
    [2012.11.24 11:55:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
    [2012.11.24 11:55:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
    [2012.11.24 11:55:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
    [2012.11.24 11:55:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
    [2012.11.24 11:55:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
    [2012.11.24 11:55:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
    [2012.11.24 11:55:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
    [2012.11.24 11:55:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
    [2012.11.24 11:55:00 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
    [2012.11.24 11:55:00 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
    [2012.11.24 11:54:59 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
    [2012.11.24 11:54:59 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
    [2012.11.24 11:54:59 | 000,360,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
    [2012.11.24 11:54:59 | 000,194,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
    [2012.11.24 11:54:59 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
    [2012.11.24 11:54:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
    [2012.11.24 11:54:51 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
    [2012.11.24 11:54:51 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
    [2012.11.24 11:54:51 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
    [2012.11.24 11:21:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2012.11.24 11:21:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2012.11.21 22:12:47 | 000,000,000 | ---D | C] -- C:\Windows\de
    [2012.11.21 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2012.11.21 22:11:30 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2012.11.21 22:10:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
    [2012.11.21 22:06:21 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\Windows Live
    [2012.11.21 22:06:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
    [2012.11.20 20:20:00 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Local\ESN
    [2012.11.17 15:11:35 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\MySQL
    [2012.11.17 15:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
    [2012.11.17 15:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MySQL
    [2012.11.17 15:04:49 | 000,000,000 | ---D | C] -- C:\Users\BMW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
    [2012.11.17 15:04:38 | 000,000,000 | ---D | C] -- C:\xampp
    [2012.11.16 18:45:56 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
    [2012.11.16 18:45:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
    [2012.11.16 18:40:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012.11.16 18:40:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012.11.16 18:40:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012.11.16 18:40:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012.11.16 18:40:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012.11.16 18:40:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012.11.16 18:40:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012.11.16 18:40:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012.11.16 18:40:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2012.11.16 18:40:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2012.11.16 18:40:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012.11.16 18:40:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012.11.16 18:40:39 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012.11.16 18:40:39 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012.11.16 18:40:39 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012.11.16 18:37:42 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
    [2012.11.16 18:37:40 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
    [2012.11.16 18:37:39 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
    [2012.11.16 18:37:39 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
    [2012.11.16 16:13:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
    [2012.11.16 16:13:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
    [2012.11.16 16:13:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
    [2012.11.16 16:12:50 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
    [2012.11.16 16:12:50 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
    [2012.11.16 16:12:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
    [2012.11.16 16:12:49 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
    [2012.11.16 16:12:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
    [2012.11.16 16:12:49 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
    [2012.11.16 16:12:23 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
    [2012.11.16 16:12:23 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
    [2012.11.15 16:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
    [2012.11.15 16:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
    [2012.11.13 20:48:00 | 000,000,000 | ---D | C] -- C:\Users\BMW\Desktop\Survivers_Beta_3
    [2012.11.13 19:46:41 | 000,031,232 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.12.11 20:12:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BMW\Desktop\OTL.exe
    [2012.12.11 20:11:13 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2012.12.11 20:11:13 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012.12.11 19:13:36 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2012.12.11 18:56:43 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.12.11 18:13:17 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.12.11 18:13:17 | 000,014,864 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.12.11 17:59:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.12.11 16:45:33 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012.12.11 16:45:33 | 000,657,478 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012.12.11 16:45:33 | 000,617,022 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012.12.11 16:45:33 | 000,131,150 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012.12.11 16:45:33 | 000,107,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012.12.11 16:40:54 | 000,019,520 | ---- | M] () -- C:\Windows\za_mv_raid.ev
    [2012.12.11 16:40:54 | 000,000,096 | ---- | M] () -- C:\Windows\za_mv_seqnum.ev
    [2012.12.11 16:40:50 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat
    [2012.12.11 16:40:11 | 3218,939,904 | -HS- | M] () -- C:\hiberfil.sys
    [2012.12.10 16:32:34 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2012.12.10 16:32:14 | 000,238,191 | ---- | M] () -- C:\Users\BMW\Desktop\DCM13254.JPG
    [2012.12.09 16:39:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2012.12.09 16:31:50 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2012.12.09 12:40:18 | 000,001,092 | ---- | M] () -- C:\Users\BMW\Desktop\MSI Afterburner.lnk
    [2012.12.09 00:30:52 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.12.01 21:34:16 | 000,075,894 | ---- | M] () -- C:\Users\BMW\Documents\Dienstplan_Dez2012.ods
    [2012.11.25 19:10:54 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
    [2012.11.25 18:56:56 | 000,001,059 | ---- | M] () -- C:\Users\BMW\Desktop\mp3DirectCut.lnk
    [2012.11.19 21:46:06 | 000,002,184 | -H-- | M] () -- C:\Users\BMW\Documents\Default.rdp
    [2012.11.17 15:04:49 | 000,000,614 | ---- | M] () -- C:\Users\BMW\Desktop\XAMPP Control Panel.lnk
    [2012.11.15 16:59:54 | 000,001,089 | ---- | M] () -- C:\Users\BMW\Desktop\Cheat Engine.lnk
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2012.12.11 18:56:43 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.12.10 16:32:22 | 000,238,191 | ---- | C] () -- C:\Users\BMW\Desktop\DCM13254.JPG
    [2012.12.09 16:40:01 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
    [2012.12.09 16:39:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
    [2012.12.09 12:40:18 | 000,001,092 | ---- | C] () -- C:\Users\BMW\Desktop\MSI Afterburner.lnk
    [2012.12.09 00:30:52 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.12.01 21:34:16 | 000,075,894 | ---- | C] () -- C:\Users\BMW\Documents\Dienstplan_Dez2012.ods
    [2012.11.25 19:10:54 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
    [2012.11.25 18:56:56 | 000,001,059 | ---- | C] () -- C:\Users\BMW\Desktop\mp3DirectCut.lnk
    [2012.11.24 12:12:57 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
    [2012.11.21 22:12:32 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    [2012.11.21 22:12:22 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    [2012.11.18 11:34:47 | 000,002,184 | -H-- | C] () -- C:\Users\BMW\Documents\Default.rdp
    [2012.11.17 15:04:49 | 000,000,614 | ---- | C] () -- C:\Users\BMW\Desktop\XAMPP Control Panel.lnk
    [2012.11.16 18:46:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
    [2012.11.16 18:37:39 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
    [2012.11.15 16:59:54 | 000,001,089 | ---- | C] () -- C:\Users\BMW\Desktop\Cheat Engine.lnk
    [2012.10.28 15:11:27 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012.10.28 15:11:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012.10.27 18:20:47 | 000,000,008 | ---- | C] () -- C:\Windows\mvraidver.dat
    [2012.10.27 18:20:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mvcli.ini
    [2012.09.28 16:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
    [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
     
    ========== ZeroAccess Check ==========
     
    [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2012.11.07 21:04:49 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\.minecraft
    [2012.12.04 17:51:36 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\Audacity
    [2012.12.11 20:13:47 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\Free Download Manager
    [2012.11.17 15:11:35 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\MySQL
    [2012.12.11 19:04:02 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\Notepad++
    [2012.12.02 10:54:11 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\OpenOffice.org
    [2012.12.06 20:29:52 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\Origin
    [2012.12.06 15:58:49 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\TeamViewer
    [2012.10.28 14:26:49 | 000,000,000 | ---D | M] -- C:\Users\BMW\AppData\Roaming\TechSmith
     
    ========== Purity Check ==========
     
     
    
    < End of report >
    Extras.txt
    Code:
    OTL Extras logfile created on: 11.12.2012 20:19:27 - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\BMW\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    4,00 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 58,80% Memory free
    7,99 Gb Paging File | 6,44 Gb Available in Paging File | 80,62% Paging File free
    Paging file location(s): c:\pagefile.sys 4093 8192 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 686,30 Gb Total Space | 532,66 Gb Free Space | 77,61% Space Free | Partition Type: NTFS
    Drive F: | 245,12 Gb Total Space | 188,01 Gb Free Space | 76,70% Space Free | Partition Type: NTFS
     
    Computer Name: BMW-PC | User Name: BMW | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{15EB65B8-FE7C-40E8-85EC-CED87635E7A2}" = lport=32887 | protocol=17 | dir=in | name=aos | 
    "{1B8D216F-F9EC-405E-9CB5-1969E8F8A47E}" = rport=445 | protocol=6 | dir=out | app=system | 
    "{265AE0B8-C5A5-4354-9652-F0A3C9829292}" = lport=137 | protocol=17 | dir=in | app=system | 
    "{2C687A82-306C-4030-B276-C1A11EEFBE73}" = lport=21693 | protocol=17 | dir=in | name=sur | 
    "{2F7B76BC-EF34-4FFD-BAC0-2D99F4F5B9CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{30A44041-A2D6-46F8-BF1F-5B1C8A598D41}" = rport=137 | protocol=17 | dir=out | app=system | 
    "{34BDCAB7-EA48-4744-9214-232ADA9C1447}" = rport=10243 | protocol=6 | dir=out | app=system | 
    "{35DB9477-9DB1-4D86-AAA5-E5EE403F8EF1}" = lport=139 | protocol=6 | dir=in | app=system | 
    "{3E09E571-0485-4FAB-92CD-143C096FDE48}" = lport=25000 | protocol=17 | dir=in | name=racer | 
    "{3E7E5E22-AD1C-4F60-ACC0-7D85037005C8}" = lport=22003 | protocol=17 | dir=in | name=mtasa | 
    "{493A9993-4785-4455-8B05-13CF5A6A21DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
    "{538F0659-EBED-4743-B00A-762A32FFD02B}" = lport=10243 | protocol=6 | dir=in | app=system | 
    "{5B7289ED-3179-4BC1-A393-C962C2BBACC1}" = lport=22005 | protocol=6 | dir=in | name=mtasa | 
    "{5BA697E4-4346-413C-9780-54EFA2DB47AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{5E41A9AE-8429-4FFE-8ABE-79A692EEA8ED}" = lport=138 | protocol=17 | dir=in | app=system | 
    "{74EF5B78-E28B-4F91-B63C-4ABA56C0C6CB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
    "{76E5990D-8BD3-43A5-A275-2D52F1E6EDB0}" = lport=445 | protocol=6 | dir=in | app=system | 
    "{7ABCC8D2-A4E8-460A-9ECC-EE8533FFD6C5}" = rport=138 | protocol=17 | dir=out | app=system | 
    "{7BB1CD80-1F79-4C93-87C3-70C96B66D60A}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{85F0C8AE-F444-466C-A5E6-C8BA3C4BC638}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
    "{88EC8CB2-7DFD-47E5-B40F-E7A9BFF352C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{973D2CF0-AF2F-40FB-B03D-F70AD68EE2A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{A3116032-3088-433F-AD1B-5BCD925E807F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{B2D77CAF-7479-414A-BB1F-1720A86C225B}" = lport=22126 | protocol=17 | dir=in | name=mtasa | 
    "{B3643210-04E0-4E34-98D8-07595488FD65}" = lport=32887 | protocol=6 | dir=in | name=aos | 
    "{DBDB22D6-9682-4759-9803-80B96BA17BC1}" = lport=25000 | protocol=6 | dir=in | name=racer | 
    "{E6FD7D33-3F43-4D64-980E-99C49D1D0024}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
    "{E86B1485-8346-43FF-AB54-270FCD3255FD}" = lport=22003 | protocol=6 | dir=in | name=mtasa | 
    "{EDB991E5-DE31-4F93-AA91-8BEC364D047E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{EE3C26D7-2F2C-4DED-85A8-D6722354B382}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{F7AD6B00-4B32-4B66-BD6F-48DF61CE6EFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{F910507A-20E5-40A5-8B48-F32E24A56808}" = rport=139 | protocol=6 | dir=out | app=system | 
    "{FFEB9C16-3244-478F-9D7F-0E438CFEEF7A}" = lport=21693 | protocol=6 | dir=in | name=sur | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{021195D3-9DE3-4855-8A05-74C56B05D840}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe | 
    "{03663EAB-9BA6-4597-89ED-C360FDD36603}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
    "{12CFA7EC-6B3A-4B3F-B2D9-34E28F847880}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
    "{2D4092ED-7E2F-45F8-AE7D-D2DD98E1E8E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
    "{2D692F0B-FDC7-4968-99D4-221019FBF898}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
    "{3709D23F-24B2-4FE2-A839-B3636F5FA1DB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{3D309D9E-4106-4CB4-8609-7C8CBE6088D8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{49DC129C-D86E-4981-95C1-6780B5EB9E70}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{4BAA66D1-D516-407C-8DCC-9C3504D697E3}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
    "{56BA6B73-7F80-448C-8F53-24E2762C60B0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{56C6D970-7500-41DF-AF09-EA65E06E1A6C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
    "{5743E708-A1BE-480D-8852-ED1BA000AF3A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{58E6B66E-19AC-4174-98EB-A9C43B60BC83}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{5AB1B008-00D9-41C7-9C46-3C823AE15E7A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe | 
    "{5E3B03F8-8F9A-4874-A69C-893460DD3ED3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{6AF2BC6E-5A04-4BC5-904D-841F8DAE4827}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{6D18072F-1E5B-4CC1-B263-FA5635C0CE09}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{7029C088-A530-49F8-8BBF-346DF63AC8F4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
    "{76625716-C1C1-4C85-94F1-4CA00C90279E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
    "{787E6375-CB7B-471E-A757-38235ADF2297}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
    "{852A0BC9-6F0A-4AB2-8A47-747CC7C7B6B0}" = protocol=6 | dir=out | app=system | 
    "{8D233A1A-47F7-4574-9AF8-8BAFAB5E48FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday the heist\payday_win32_release.exe | 
    "{90192E95-0427-466A-B2A5-F3A5B98CC1B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{9158156B-41C6-4691-BE18-DFE63F94B57B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{960BB5AF-D828-4B98-A6B0-F986E0229722}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "{9BDE2CCE-4A4C-4401-B823-2D232C0AD5F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{9C1C3768-029A-4FF8-8DB3-79D641F6CC23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{A58F01A9-9269-4560-A35E-91E65230E34E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{AB805BB1-6758-4F2D-AE1C-1AFB7CF9196D}" = protocol=58 | dir=in | app=system | 
    "{AC0552A9-706B-4349-A342-1202CA4936ED}" = protocol=6 | dir=in | app=c:\program files (x86)\apb reloaded\binaries\vivoxvoiceservice.exe | 
    "{B040F086-0AEA-42DC-80D3-E54D135C6D10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{CC102DAD-E6CB-42C6-9934-4784E4A0B8BA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
    "{CC37A044-A755-4E1C-A319-CCF2EF5AF4AD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{D02AF797-2F25-4043-9936-3DE1189660CA}" = protocol=6 | dir=in | app=c:\program files (x86)\apb reloaded\binaries\apb.exe | 
    "{D082A471-E5ED-4B7A-BBF6-B5828DBF4A9D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{D296AD6E-8B1B-4EF2-B9E4-E27AFC7395BF}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe | 
    "{E755F361-902C-4DB6-869B-F7CE4345090C}" = protocol=17 | dir=in | app=c:\program files (x86)\apb reloaded\binaries\apb.exe | 
    "{ED13C883-0802-4B3B-AEB8-F7374578F503}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
    "{F0C12282-9002-4677-9D09-C98F78150D06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{F63B9B68-4676-43F9-B090-AA65393B5731}" = protocol=17 | dir=in | app=c:\program files (x86)\apb reloaded\binaries\vivoxvoiceservice.exe | 
    "{F7DB0510-5B9F-49B3-9472-568020205A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
    "TCP Query User{1250B13F-5ADD-4B86-AF18-B080CCE9DA3F}C:\users\bmw\desktop\survivers_beta_3\survivers_beta_3.exe" = protocol=6 | dir=in | app=c:\users\bmw\desktop\survivers_beta_3\survivers_beta_3.exe | 
    "TCP Query User{233EA7D9-F403-451F-B9D3-2080A4D1ABA6}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | 
    "TCP Query User{23ADC91D-E5AE-4633-9452-AB7A1DDB2CE4}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe | 
    "TCP Query User{2E9C5EAF-D34E-4D7D-A5A8-98467DCE23BD}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe | 
    "TCP Query User{61A27B46-CAB3-428C-A4AC-B4C0129B1448}C:\program files (x86)\racer0655\racer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\racer0655\racer.exe | 
    "TCP Query User{671F129D-0881-4579-9143-A596B1C57D78}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\marvell\raid\apache2\bin\httpd.exe | 
    "TCP Query User{687BE588-5E76-46CF-AFD7-F8C4028FDDE6}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | 
    "TCP Query User{8F09F16E-BBF2-45A7-A019-DF67DA180B90}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
    "TCP Query User{A4B57B8A-717E-4413-9F79-37AA99A4CE70}C:\program files (x86)\racer\racer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\racer\racer.exe | 
    "TCP Query User{A9C50E12-AA92-48E5-B294-63AF9919B095}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | 
    "TCP Query User{AFFDBCDB-2889-41AC-93F0-2603750D8A7A}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
    "TCP Query User{C0BCA91F-38B2-4618-AD20-5F509F6DEDAA}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe | 
    "TCP Query User{C4A287CD-167D-4F5E-900B-FC07E696387D}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
    "TCP Query User{CDB2224E-3046-42A9-886D-B7DFBF71FA53}C:\program files (x86)\microsoft virtual pc\virtual pc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft virtual pc\virtual pc.exe | 
    "UDP Query User{07F30B85-DA63-4E39-8E04-E3F65E1BBA22}C:\users\bmw\desktop\survivers_beta_3\survivers_beta_3.exe" = protocol=17 | dir=in | app=c:\users\bmw\desktop\survivers_beta_3\survivers_beta_3.exe | 
    "UDP Query User{08311EE2-20D7-49C4-8D3D-A796C6E53303}C:\program files (x86)\racer\racer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\racer\racer.exe | 
    "UDP Query User{210FEC4C-2819-4C9F-9AD3-DE732BA0CB7A}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
    "UDP Query User{291518FB-4FCB-4CDD-A216-2783792E2863}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\marvell\raid\apache2\bin\httpd.exe | 
    "UDP Query User{39387DF6-1AF3-4213-A3DB-F964AB6E263B}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
    "UDP Query User{689C4AB9-5719-47EF-8B67-EDF5BAC60041}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe | 
    "UDP Query User{8216389C-386D-4089-9D33-0B1E6D45F45B}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
    "UDP Query User{9DA340BE-2B5D-41E8-950A-9D0D6C12E4B3}C:\program files (x86)\atari\tdu2\uplauncher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\uplauncher.exe | 
    "UDP Query User{A212B593-C24B-44F3-B495-757A2F7880FE}C:\program files (x86)\racer0655\racer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\racer0655\racer.exe | 
    "UDP Query User{A9737133-CB83-43B7-A1B4-E80CC2680BA0}C:\program files (x86)\microsoft virtual pc\virtual pc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft virtual pc\virtual pc.exe | 
    "UDP Query User{D9987BA9-8E29-4654-9C72-52005BD1FA52}C:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\shift 2 unleashed\shift2u.exe | 
    "UDP Query User{E45D04BE-BC25-4994-B1D9-4857CF79FA86}C:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe | 
    "UDP Query User{F8F82FCB-4073-4201-9AC0-BAD70AD74DA7}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | 
    "UDP Query User{FC3071C9-04B6-4D98-8A9B-8C396C012E79}C:\program files (x86)\atari\tdu2\testdrive2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\tdu2\testdrive2.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    "{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "NetBalancer_is1" = NetBalancer
    "TeamSpeak 3 Client" = TeamSpeak 3 Client
    "Unlocker" = Unlocker 1.9.1-x64
    "WinRAR archiver" = WinRAR 4.20 (64-Bit)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
    "{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
    "{23C3EF87-AD08-4F76-982D-1AE137485F08}" = MySQL Workbench 5.2 CE
    "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{32B08666-1587-435D-988C-7958A04B218A}_is1" = OMSI Addon Manager Version 1.2.3
    "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
    "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
    "{434D0FA0-AB8C-497F-B30A-7A1000038201}" = DiRT 3
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{573576B6-2112-4679-BF42-C8D9CE2E4A29}" = Ace of Spades
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
    "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
    "{7AB86D35-DF3B-407F-B43E-468345DABF29}" = SL-6555-SBK
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{CAE017F8-C238-4397-879B-7FBB915D9457}" = LogMeIn Hamachi
    "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
    "{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
    "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
    "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Afterburner" = MSI Afterburner 2.3.0
    "aTube Catcher" = aTube Catcher
    "Audacity_is1" = Audacity 2.0.2
    "avast" = avast! Free Antivirus
    "Battlelog Web Plugins" = Battlelog Web Plugins
    "Bus-Simulator 2012_is1" = Bus-Simulator 2012
    "Cheat Engine 6.2_is1" = Cheat Engine 6.2
    "Clownfish" = Clownfish for Skype
    "EasyBCD" = EasyBCD 2.2
    "Electronic Arts Game Updater" = Electronic Arts Game Updater
    "ESET Online Scanner" = ESET Online Scanner v3
    "ESN Sonar-0.70.4" = ESN Sonar
    "Fraps" = Fraps (remove only)
    "Free Download Manager_is1" = Free Download Manager 3.9
    "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "LAME_is1" = LAME v3.99.3 (for Windows)
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
    "Man Lion's City 2.10" = Man Lion's City 2.10
    "MinecraftAlpha" = MinecraftAlpha
    "MTA:SA 1.3" = MTA:SA v1.3.1
    "mv61xxMRU" = Marvell MRU V4
    "nLite_is1" = nLite 1.4.9.1
    "NoIPDUC" = No-IP DUC
    "Notepad++" = Notepad++
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "OpenAL" = OpenAL
    "Origin" = Origin
    "PunkBusterSvc" = PunkBuster Services
    "Steam App 24240" = PAYDAY: The Heist
    "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
    "WinLiveSuite" = Windows Live Essentials
    "xampp" = XAMPP 1.8.1
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 23.11.2012 14:12:51 | Computer Name = BMW-PC | Source = Apache Service | ID = 3299
    Description = The Apache service named  reported the following error:  >>> (OS 10048)Normalerweise
     darf jede Socketadresse (Protokoll, Netzwerkadresse oder Anschluss) nur jeweils
     einmal verwendet werden.  : make_sock: could not bind to address 0.0.0.0:8845  
       .
     
    Error - 23.11.2012 14:12:51 | Computer Name = BMW-PC | Source = Apache Service | ID = 3299
    Description = The Apache service named  reported the following error:  >>> no listening
     sockets available, shutting down     .
     
    Error - 23.11.2012 14:12:51 | Computer Name = BMW-PC | Source = Apache Service | ID = 3299
    Description = The Apache service named  reported the following error:  >>> Unable 
    to open logs     .
     
    Error - 26.11.2012 15:51:56 | Computer Name = BMW-PC | Source = Application Hang | ID = 1002
    Description = Programm xampp-control.exe, Version 3.1.0.0 kann nicht mehr unter 
    Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
     der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
    zu suchen.    Prozess-ID: f5c    Startzeit: 01cdcc0f486d843d    Endzeit: 2    Anwendungspfad: C:\xampp\xampp-control.exe
    
    Berichts-ID:
     a9933f5c-3802-11e2-b146-a02f2ea6b931  
     
    Error - 30.11.2012 13:58:22 | Computer Name = BMW-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514,
     Zeitstempel: 0x4ce7ae7f  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
     Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000053332
    ID
     des fehlerhaften Prozesses: 0xfb4  Startzeit der fehlerhaften Anwendung: 0x01cdcf2443e34672
    Pfad
     der fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe  Pfad
     des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 8747bf9a-3b17-11e2-a428-00158341c75b
     
    Error - 04.12.2012 15:58:30 | Computer Name = BMW-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Survivers_Beta_3.exe, Version: 3.5.5.44562,
     Zeitstempel: 0x502500b9  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
     Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000222b2  ID des fehlerhaften
     Prozesses: 0x16ec  Startzeit der fehlerhaften Anwendung: 0x01cdd257a671818b  Pfad der
     fehlerhaften Anwendung: C:\Users\BMW\Desktop\Survivers_Beta_3\Survivers_Beta_3.exe
    Pfad
     des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: f94dcd23-3e4c-11e2-81e5-daaf224e7531
     
    Error - 08.12.2012 18:56:29 | Computer Name = BMW-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: SHIFT2U.exe, Version: 1.0.2.0, Zeitstempel:
     0x00000000  Name des fehlerhaften Moduls: SHIFT2U.exe, Version: 1.0.2.0, Zeitstempel:
     0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x008f0d34  ID des fehlerhaften Prozesses:
     0x1248  Startzeit der fehlerhaften Anwendung: 0x01cdd597211ae5db  Pfad der fehlerhaften
     Anwendung: C:\Program Files (x86)\Electronic Arts\SHIFT 2 UNLEASHED\SHIFT2U.exe
    Pfad
     des fehlerhaften Moduls: C:\Program Files (x86)\Electronic Arts\SHIFT 2 UNLEASHED\SHIFT2U.exe
    Berichtskennung:
     805c5655-418a-11e2-8312-8453962cb643
     
    Error - 08.12.2012 19:43:01 | Computer Name = BMW-PC | Source = MsiInstaller | ID = 1013
    Description = 
     
    Error - 08.12.2012 19:57:56 | Computer Name = BMW-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
     Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.17859,
     Zeitstempel: 0x4fd2dfec  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000028cd32
    ID
     des fehlerhaften Prozesses: 0x6d4  Startzeit der fehlerhaften Anwendung: 0x01cdd58b626a4cb1
    Pfad
     der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
     C:\Windows\system32\SHELL32.dll  Berichtskennung: 15caf73e-4193-11e2-8312-8453962cb643
     
    Error - 11.12.2012 12:08:42 | Computer Name = BMW-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
     Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
     Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c40f2
    ID
     des fehlerhaften Prozesses: 0x6a4  Startzeit der fehlerhaften Anwendung: 0x01cdd7b5d56d71ce
    Pfad
     der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
     C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 0828a21a-43ad-11e2-9e02-d123dedb9d5d
     
    [ System Events ]
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36874
    Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
     übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
     unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36888
    Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
     lautet: 107.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36874
    Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
     übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
     unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36888
    Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
     lautet: 107.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36874
    Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
     übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
     unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36888
    Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
     lautet: 107.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36874
    Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
     übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
     unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36888
    Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
     lautet: 107.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36874
    Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
     übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
     unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
     
    Error - 11.12.2012 12:00:42 | Computer Name = BMW-PC | Source = Schannel | ID = 36888
    Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
     lautet: 107.
     
     
    < End of report >
    startup.txt
    Code:
    Ja	HKCU:Run	Clownfish		
    Nein	HKCU:Run	Skype	Skype Technologies S.A.	"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    Nein	HKCU:Run	Steam	Valve Corporation	"C:\Program Files (x86)\Steam\steam.exe" -silent
    Nein	HKLM:Run	Adobe ARM	Adobe Systems Incorporated	"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    Ja	HKLM:Run	avast	AVAST Software	"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    Nein	HKLM:Run	LogMeIn Hamachi Ui	LogMeIn Inc.	"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    Nein	HKLM:Run	MRUTray	Marvell Semiconductor	C:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe
    Ja	HKLM:Run	NUSB3MON	Renesas Electronics Corporation	"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    Ja	HKLM:Run	RtHDVCpl	Realtek Semiconductor	C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    Nein	HKLM:Run	Start WingMan Profiler	Logitech Inc.	C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    Nein	HKLM:Run	SunJavaUpdateSched	Sun Microsystems, Inc.	"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    Nein	Startup User	ACR Launcher.lnk		C:\PROGRA~2\ACR\AUTOCL~1\web\ACRLAU~1.EXE 
    Nein	Startup User	No-IP DUC.lnk	Vitalwerks Internet Solutions	C:\PROGRA~2\No-IP\DUC30.exe
    Nein	Startup User	OMSI Addon Manager.lnk	Jan Kiesewalter	C:\PROGRA~2\OMSIAD~1\OMSIAD~1.EXE -silent
    Nein	Startup User	OpenOffice.org 3.4.1.lnk		C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE

  5. #5
    Moderator Team-Mitglied Avatar von Eric Lee
    Registriert seit
    29.07.2012
    Beiträge
    2.397

    AW: Ist sehr langsam geworden

    Guten Abend Vik1299,

    bitte hänge noch folgende Dateien an dieses Thema an:
    - alle Logfiles von ESET Online Scanner
    - alle Logfiles von Avast
    - alle Logfiles von Malwarebytes Anti-Malware (MBAM)

    Bitte auch anhängen wenn keine Funde getätigt wurden, nur damit ich sehe wie, wann und warum die Programme ausgeführt wurden und was diese ggf beanstandet haben. Außerdem poste bitte alle Lofgiles die vorhanden sind und nicht nur die jeweils letzten. Danach machen wir uns auf die Suche.

    Schönen Gruß,
    Eric Lee
    | Neu hier? Bitte abarbeiten. | Forenregeln | Feedback | Stellenausschreibung im Forum | OS X or BSD Malware? PM me. |
    | Danke 1uV829dYGPwKk8Q1khoH4o9MuEqWSgyXE (BTC) | Browser TLSv1.2? | Wie sicher ist dein Browser? | How unique are you? |

  6. #6
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    AW: Ist sehr langsam geworden

    ESET:
    Name:  ESET.jpg
Hits: 439
Größe:  36,7 KB
    avast auch OK
    MBAM:
    Code:
    Malwarebytes Anti-Malware (Test) 1.65.1.1000
    www.malwarebytes.org
    
    Datenbank Version: v2012.12.12.10
    
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    BMW :: BMW-PC [Administrator]
    
    Schutz: Deaktiviert
    
    12.12.2012 19:11:06
    mbam-log-2012-12-12 (19-11-06).txt
    
    Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
    Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
    Deaktivierte Suchlaufeinstellungen: P2P
    Durchsuchte Objekte: 443802
    Laufzeit: 38 Minute(n), 36 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse: 0
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien: 0
    (Keine bösartigen Objekte gefunden)
    
    (Ende)
    Geändert von Vik1299 (12.12.2012 um 20:17 Uhr)

  7. #7
    Moderator Team-Mitglied Avatar von Eric Lee
    Registriert seit
    29.07.2012
    Beiträge
    2.397

    AW: Ist sehr langsam geworden

    Guten Abend Vik,

    nur eine kurze Info, da dein System etwas "außergewöhnlich" konfiguriert ist wird es etwas dauern bis ich dir eine konkrete Antwort geben kann. Ich habe dich also nicht vergessen wenn ich etwas verzögert antworte, ich muss bloß ein paar Dinge simulieren/nachschauen. Auf den ersten Blick sieht man keine Infektion durch Malware, ich gehe von inkompatibler Softwarekonfiguration aus und das ist schwer soetwas zu finden. Wie wir das beheben muss ich wie gesagt erst noch schauen.

    Ich nehme an du hast das System mit nLite aufgesetzt? Hast du ein Update von Programmen wie NO-IP oder Free Download Manager gemacht bevor das Problem auftrat? Das würde mir helfen die Analyse etwas einzuschränken.

    Schönen Gruß,
    Eric Lee
    | Neu hier? Bitte abarbeiten. | Forenregeln | Feedback | Stellenausschreibung im Forum | OS X or BSD Malware? PM me. |
    | Danke 1uV829dYGPwKk8Q1khoH4o9MuEqWSgyXE (BTC) | Browser TLSv1.2? | Wie sicher ist dein Browser? | How unique are you? |

  8. #8
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    AW: Ist sehr langsam geworden

    Nee ist von der OEM DVD installiert
    Nein ich habe kein update gemacht und der pc war schon bevor ich NO-IP installiert habe lahm und mit FDM lief es eigentlich immer gut aber dass ist das erste mal dass der pc so lahm ist.
    ich denk ich mache eine neuinstallation

    P.S. mein echter name ist Viktor
    Geändert von Vik1299 (13.12.2012 um 18:55 Uhr) Grund: Off-topic

  9. #9
    Moderator Team-Mitglied Avatar von Eric Lee
    Registriert seit
    29.07.2012
    Beiträge
    2.397

    AW: Ist sehr langsam geworden

    Guten Abend Viktor,

    du hast viele Sachen welche ins Networking eingreifen (NOIP, FDM, OpenVPN, LSI, LogMeIn Hamachi, LSA, {Apache, SCP?} - um nur ein paar zu nennen). Ich vermute das die "Hänger" wenn du zB IE startest damit zusammenhängen. Wenn du willst kann ich dir noch eine Auflistung aller Dinge machen die mir aufgefallen sind auch wenn du das System neu aufsetzen möchtest. Das hilft dir vielleicht die Probleme beim neuen System zu vermeiden. Ich habe dein Logfile auch noch nicht komplett abgeglichen - vielleicht fällt mir also noch etwas auf.

    Schönen Gruß,
    Eric Lee
    | Neu hier? Bitte abarbeiten. | Forenregeln | Feedback | Stellenausschreibung im Forum | OS X or BSD Malware? PM me. |
    | Danke 1uV829dYGPwKk8Q1khoH4o9MuEqWSgyXE (BTC) | Browser TLSv1.2? | Wie sicher ist dein Browser? | How unique are you? |

  10. #10
    Einsteiger
    Registriert seit
    11.12.2012
    Beiträge
    15

    AW: Ist sehr langsam geworden

    Apache installiert sich einfach so immer wenn ich von gigabyte die treiber sauge
    und was ist LSI,LSA und SCP?
    OpenVPN ist schon lange weg weiß net wieso es bei dir steht

    EDIT: Neuinstallation hält jetzt einzug. Bitte gib mir ne Liste von den programmen die stören.
    Geändert von Vik1299 (13.12.2012 um 19:46 Uhr)

Seite 1 von 3 123 LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. XP sehr langsam geworden
    Von micwil im Forum Archiv
    Antworten: 30
    Letzter Beitrag: 03.11.2012, 08:47
  2. PC ist sehr langsam geworden
    Von ciccio im Forum Archiv
    Antworten: 17
    Letzter Beitrag: 12.11.2010, 08:49
  3. Mein Internet ist sehr langsam geworden.
    Von Robinb im Forum Archiv
    Antworten: 2
    Letzter Beitrag: 04.08.2010, 00:13
  4. Pc sehr langsam geworden - was ist das Problem??
    Von kobisteinchen im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 07.01.2009, 23:56
  5. PC sehr langsam geworden
    Von Forelle im Forum Archiv
    Antworten: 27
    Letzter Beitrag: 21.06.2007, 04:18

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •