Fiddler?! Probleme bei einem Programm

#0
26.03.2015, 12:38
Member

Beiträge: 120
#1 Ich habe mir die neue Version von "Apowersoft Streaming Video Recorder" runtergeladen um sie auszuprobieren. Seitdem kommt immer, aber nur wenn das Programm läuft ...

Ein Zertifikatsfehler, irgendwqs mit "Fiddler Root". Und laut neuen Virenscannern ist das Programm sauber. Logisch, ist ja vom Anbieter selbst. Natürlich dachte ich dann, dass es vielleicht eine Macke in der neuesten Version ist, und habe mir eine alte Version installiert, wo das Problem nicht auftrat. Nun tritt es auch da auf. Aber eben nur wenn das Programm gestartet ist. Ein Virenscan mit Kasperky ergab nichts.

Daher frage ich mich nun, was das sein kann. Auf dem Laptop habe ich es auch probiert, da tritt der Fehler nicht auf. Scheinbar wird auf dem PC also irgendwas mitinstalliert, aber da wird laut Anzeige nur das Programm installiert. Daher bin ich ratlos.

- Virenscnanner sagen alles okay
- Fehler passiert nur (!) wenn das Programm läuft

Daher scheint irgendwas im Programm zu spinnen. Aber was?!
Seitenanfang Seitenende
26.03.2015, 13:05
Member

Themenstarter

Beiträge: 120
#2

Code

OTL logfile created on: 26.03.2015 12:53:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Loxagon\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,12 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 45,37% Memory free
6,24 Gb Paging File | 4,16 Gb Available in Paging File | 66,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110,54 Gb Total Space | 8,60 Gb Free Space | 7,78% Space Free | Partition Type: NTFS
Drive D: | 876,06 Gb Total Space | 128,05 Gb Free Space | 14,62% Space Free | Partition Type: NTFS
Drive E: | 876,32 Gb Total Space | 90,38 Gb Free Space | 10,31% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: LOXAGON-PC | User Name: Loxagon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Loxagon\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L)
PRC - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\Notepad++\NppShell_06.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (CGVPNCliService) -- C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L)
SRV - (BstHdUpdaterSvc) -- C:\Program Files\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AVP15.0.0) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Kaspersky Lab ZAO)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (NvNetworkService) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (VBoxNetFlt) -- system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (taphss6) -- system32\DRIVERS\taphss6.sys File not found
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab ZAO)
DRV - (klflt) -- C:\Windows\System32\drivers\klflt.sys (Kaspersky Lab ZAO)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (klhk) -- C:\Windows\System32\drivers\klhk.sys (Kaspersky Lab ZAO)
DRV - (Apowersoft_AudioDevice) -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV - ({C5F942FD-1110-4664-86CE-0C6BDA305235}) -- C:\Program Files\CyberLink\PowerDVD14\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (klpd) -- C:\Windows\System32\drivers\klpd.sys (Kaspersky Lab ZAO)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (Riverbed Technology, Inc.)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Qualcomm Atheros Co., Ltd.)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (BazisVirtualCDBus) -- C:\Windows\System32\drivers\BazisVirtualCDBus.sys (SysProgs.org)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {4365319D-385A-447D-9229-FC18CB977BB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{26CE35AA-81D1-4559-BFB6-A6A4B7DA70A9}: "URL" = http://www.sm.de/?q={searchTerms}
IE - HKLM\..\SearchScopes\{4365319D-385A-447D-9229-FC18CB977BB5}: "URL" = http://www.startseite24.net/?q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\..\SearchScopes,DefaultScope = {0ED7F34E-7E39-4CDF-96F5-74A93DD91361}
IE - HKCU\..\SearchScopes\{0ED7F34E-7E39-4CDF-96F5-74A93DD91361}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Websuche"
FF - prefs.js..browser.search.selectedEngine: "Websuche"
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.142
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.18
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..keyword.URL: "http://www.startseite24.net/?q="
FF - prefs.js..network.proxy.http: "80.228.68.8"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.20.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015.03.26 10:23:53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015.03.26 10:23:53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015.03.26 10:23:54 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\Siedler 7\Die Siedler 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014.04.22 16:53:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015.03.26 10:23:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015.03.26 10:23:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015.03.26 10:23:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015.03.26 10:23:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015.03.26 10:23:53 | 000,000,000 | ---D | M]

[2014.03.31 17:24:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loxagon\AppData\Roaming\Mozilla\Extensions
[2015.03.26 10:36:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Loxagon\AppData\Roaming\Mozilla\Firefox\Profiles\7l7vivt9.default\extensions
[2014.11.16 21:07:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Loxagon\AppData\Roaming\Mozilla\Firefox\Profiles\7l7vivt9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.07.17 17:49:52 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Loxagon\AppData\Roaming\Mozilla\Firefox\Profiles\7l7vivt9.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2015.02.27 17:36:21 | 000,732,089 | ---- | M] () (No name found) -- C:\Users\Loxagon\AppData\Roaming\Mozilla\Firefox\Profiles\7l7vivt9.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2014.12.24 15:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.12.24 15:12:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.03.26 10:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2015.03.26 10:51:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho\4.0.9.130_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\Loxagon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\

O1 HOSTS File: ([2014.11.22 17:09:35 | 000,450,812 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1   support.apowersoft.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 15472 more lines...
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PowerDVD14Agent] C:\Program Files\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [AIM for Windows] C:\Users\Loxagon\AppData\Local\AOL\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [CyberGhost] C:\Program Files\CyberGhost 5\CyberGhost.EXE (CyberGhost S.R.L.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Zu Anti-Banner hinzufügen - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm ()
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Link-Untersuchung - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: t-online.de ([www.de-mail] https in Vertrauenswürdige Sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31C5F0E8-EBC7-47B1-8C18-A9C07D7D35DB}: DhcpNameServer = 192.168.0.100 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{01dc3cc4-e259-11e3-a310-ac220bc44cdc}\Shell - "" = AutoRun
O33 - MountPoints2\{01dc3cc4-e259-11e3-a310-ac220bc44cdc}\Shell\AutoRun\command - ""
O33 - MountPoints2\{01dc3cc7-e259-11e3-a310-ac220bc44cdc}\Shell - "" = AutoRun
O33 - MountPoints2\{01dc3cc7-e259-11e3-a310-ac220bc44cdc}\Shell\AutoRun\command - "" = 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015.03.26 12:30:13 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\Documents\Streaming Video Recorder
[2015.03.26 10:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2015.03.26 10:17:23 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2015.03.26 10:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2015.03.26 10:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015.03.26 10:17:10 | 000,644,808 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2015.03.26 10:17:10 | 000,112,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2015.03.26 10:17:09 | 000,034,400 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klhk.sys
[2015.03.26 09:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2015.03.26 09:55:14 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2015.03.25 21:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\DLLSuite
[2015.03.25 12:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2015.03.25 12:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2015.03.22 11:37:37 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\AppData\Roaming\Wise Registry Cleaner
[2015.03.22 11:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2015.03.22 11:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2015.03.21 15:50:50 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2015.03.21 15:46:46 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.03.21 15:46:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.03.21 15:46:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.03.21 15:46:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.03.21 15:46:45 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.03.21 15:46:45 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.03.21 15:46:45 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.03.21 15:46:45 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.03.21 15:46:45 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.03.21 15:46:45 | 000,342,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.03.21 15:46:45 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.03.21 15:46:45 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.03.21 15:46:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.03.21 15:46:44 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.03.21 15:46:44 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.03.21 15:46:44 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.03.21 15:46:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.03.21 15:46:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.03.21 15:46:43 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.03.21 15:46:43 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.03.21 15:46:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.03.21 15:46:41 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.03.21 15:46:39 | 004,300,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.03.21 15:46:37 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2015.03.21 15:46:34 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.03.21 15:46:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.03.21 15:46:34 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.03.21 15:46:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.03.21 15:46:34 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.03.21 15:46:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.03.21 15:46:33 | 002,744,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015.03.21 15:46:33 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015.03.21 15:46:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015.03.21 15:46:27 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
[2015.03.21 15:46:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll
[2015.03.21 15:46:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDYAK.DLL
[2015.03.21 15:46:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAT.DLL
[2015.03.21 15:46:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDRU1.DLL
[2015.03.21 15:46:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2015.03.21 15:46:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDRU.DLL
[2015.03.21 15:46:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2015.03.21 15:46:23 | 002,381,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.03.21 15:46:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015.03.21 15:46:18 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015.03.21 15:46:18 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
[2015.03.21 15:46:17 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\charmap.exe
[2015.03.21 15:46:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015.03.21 15:46:17 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015.03.21 15:46:15 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2015.03.21 15:46:15 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2015.03.21 15:46:14 | 003,973,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.03.21 15:46:14 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2015.03.21 15:46:14 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2015.03.21 15:46:13 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.03.21 15:46:13 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2015.03.21 15:46:13 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2015.03.21 15:46:13 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2015.03.21 15:46:13 | 000,455,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2015.03.21 15:46:13 | 000,409,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2015.03.21 15:46:13 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2015.03.21 15:46:13 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2015.03.21 15:46:12 | 000,521,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2015.03.21 15:46:12 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2015.03.21 15:46:12 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2015.03.21 15:46:12 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.03.21 15:46:12 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2015.03.21 15:46:12 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2015.03.21 15:46:12 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2015.03.21 15:46:12 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.03.21 15:46:12 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2015.03.21 15:46:12 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2015.03.21 15:46:12 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2015.03.21 15:46:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2015.03.21 15:46:12 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2015.03.21 15:46:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2015.03.21 15:46:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2015.03.21 15:46:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.03.21 15:46:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcadm.dll
[2015.03.21 15:46:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2015.03.21 15:46:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2015.03.21 15:46:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2015.03.21 15:46:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcawrk.exe
[2015.03.21 15:46:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcalua.exe
[2015.03.21 15:46:11 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2015.03.21 15:46:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaevts.dll
[2015.03.21 15:46:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2015.03.21 15:46:11 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.03.21 15:46:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2015.03.21 15:46:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2015.03.21 15:46:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2015.03.21 15:43:37 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2015.03.21 15:43:37 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2015.03.21 15:43:37 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2015.03.21 15:43:37 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2015.03.19 19:37:54 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\Tracing
[2015.03.19 12:22:24 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\AppData\Local\Avg2014
[2015.03.08 13:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\GetFLV
[2015.03.08 11:44:04 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\Documents\DonationCoder
[2015.03.08 11:44:04 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\AppData\Roaming\DonationCoder
[2015.03.08 11:43:33 | 000,000,000 | ---D | C] -- C:\Program Files\URLSnooper2
[2015.02.24 19:57:26 | 000,000,000 | ---D | C] -- C:\Users\Loxagon\AppData\Local\CyberGhost
[2015.02.24 19:57:15 | 000,000,000 | ---D | C] -- C:\Program Files\TAP-Windows
[2015.02.24 19:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
[2012.12.22 07:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015.03.26 12:44:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.03.26 12:25:42 | 000,020,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.03.26 12:25:42 | 000,020,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.03.26 12:16:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.03.26 12:16:20 | 2515,099,648 | -HS- | M] () -- C:\hiberfil.sys
[2015.03.26 10:23:37 | 000,644,808 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2015.03.26 10:23:37 | 000,112,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2015.03.26 10:17:57 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2015.03.26 10:13:55 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.03.26 09:55:14 | 000,001,195 | ---- | M] () -- C:\Users\Loxagon\Desktop\Revo Uninstaller.lnk
[2015.03.25 21:38:26 | 000,699,416 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2015.03.25 21:38:26 | 000,654,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.03.25 21:38:26 | 000,149,556 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2015.03.25 21:38:26 | 000,122,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.03.25 18:20:23 | 000,022,344 | ---- | M] () -- C:\Users\Loxagon\Desktop\Versuch JS.rtf
[2015.03.25 12:41:48 | 000,000,962 | ---- | M] () -- C:\Users\Loxagon\Desktop\WhoCrashed.lnk
[2015.03.24 16:17:30 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.03.22 11:37:34 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2015.03.21 16:25:28 | 000,295,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.03.21 14:43:04 | 000,384,309 | ---- | M] () -- C:\Users\Loxagon\Desktop\support_toolkit_1_0_7-PL2.zip
[2015.03.17 06:15:36 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2015.03.17 06:15:26 | 000,092,888 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2015.03.17 06:15:22 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2015.03.10 14:36:10 | 000,000,429 | ---- | M] () -- C:\Users\Loxagon\.swfinfo
[2015.03.08 11:44:04 | 000,000,046 | ---- | M] () -- C:\Windows\System32\DonationCoder_urlsnooper_InstallInfo.dat
[2015.03.06 21:15:17 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib
[2015.03.06 06:10:29 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.03.06 06:10:22 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.03.06 06:09:31 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.03.06 06:07:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.03.06 06:07:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.03.06 06:06:20 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.02.27 22:39:47 | 000,943,674 | ---- | M] () -- C:\Users\Loxagon\Documents\21061982.pdf
[2015.02.26 04:11:26 | 002,381,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.02.24 19:57:08 | 000,001,854 | ---- | M] () -- C:\Users\Loxagon\Desktop\CyberGhost 5.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015.03.26 10:18:06 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2015.03.26 09:55:14 | 000,001,195 | ---- | C] () -- C:\Users\Loxagon\Desktop\Revo Uninstaller.lnk
[2015.03.25 12:41:48 | 000,000,962 | ---- | C] () -- C:\Users\Loxagon\Desktop\WhoCrashed.lnk
[2015.03.23 15:25:33 | 000,022,344 | ---- | C] () -- C:\Users\Loxagon\Desktop\Versuch JS.rtf
[2015.03.22 11:37:34 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2015.03.22 11:26:17 | 004,229,086 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2015.03.21 14:43:04 | 000,384,309 | ---- | C] () -- C:\Users\Loxagon\Desktop\support_toolkit_1_0_7-PL2.zip
[2015.03.08 22:21:54 | 000,000,429 | ---- | C] () -- C:\Users\Loxagon\.swfinfo
[2015.03.08 11:44:04 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_urlsnooper_InstallInfo.dat
[2015.02.27 22:39:46 | 000,943,674 | ---- | C] () -- C:\Users\Loxagon\Documents\21061982.pdf
[2015.02.24 19:57:08 | 000,001,854 | ---- | C] () -- C:\Users\Loxagon\Desktop\CyberGhost 5.lnk
[2014.10.06 15:44:43 | 000,011,137 | ---- | C] () -- C:\Users\Loxagon\gsview32.ini
[2014.10.06 15:38:37 | 000,000,135 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2014.09.28 15:12:12 | 000,107,520 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2014.09.28 15:12:11 | 000,162,304 | ---- | C] () -- C:\Windows\System32\libpng13.dll
[2014.09.28 15:12:11 | 000,138,752 | ---- | C] () -- C:\Windows\System32\libpng15.dll
[2014.09.28 15:12:10 | 001,198,049 | ---- | C] () -- C:\Windows\unins000.exe
[2014.09.28 15:12:10 | 000,010,826 | ---- | C] () -- C:\Windows\unins000.dat
[2014.07.22 14:38:32 | 002,312,789 | ---- | C] () -- C:\Windows\System32\libfftw3f-3.dll
[2014.07.22 14:38:32 | 002,228,302 | ---- | C] () -- C:\Windows\System32\libfftw3-3.dll
[2014.07.22 14:38:32 | 001,118,219 | ---- | C] () -- C:\Windows\System32\libfftw3l-3.dll
[2014.06.09 19:56:33 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pxhpinst.exe
[2014.06.07 17:43:18 | 000,089,048 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2014.05.08 22:26:23 | 000,032,256 | -HS- | C] () -- C:\Windows\System32\AVSredirect.dll
[2014.04.24 11:28:20 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2014.02.18 17:05:36 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014.02.13 15:34:23 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\D85E8985BD.sys
[2014.02.13 15:34:21 | 000,001,682 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2014.02.13 15:33:58 | 000,781,312 | ---- | C] () -- C:\Windows\System32\RGSS102J.dll
[2014.02.13 15:33:58 | 000,778,752 | ---- | C] () -- C:\Windows\System32\RGSS102E.dll
[2014.02.13 15:33:58 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll
[2014.02.13 15:33:58 | 000,761,856 | ---- | C] () -- C:\Windows\System32\RGSS104J.dll
[2014.02.13 15:33:58 | 000,758,272 | ---- | C] () -- C:\Windows\System32\RGSS104E.dll
[2014.02.13 15:33:58 | 000,685,056 | ---- | C] () -- C:\Windows\System32\RGSS103J.dll
[2014.02.03 11:21:31 | 000,000,294 | ---- | C] () -- C:\Windows\wininit.ini
[2013.12.25 20:49:33 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.12.21 04:28:59 | 000,699,416 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013.12.21 04:28:59 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013.12.21 04:28:59 | 000,149,556 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013.12.21 04:28:59 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2013.12.20 19:54:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.12.20 19:54:10 | 000,039,276 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013.08.05 07:15:08 | 000,066,104 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2013.08.05 07:15:06 | 000,023,080 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 06:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2014.03.15 14:20:35 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\3909
[2014.08.19 17:23:24 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Aegisub
[2014.08.25 19:19:52 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Amazon
[2013.12.31 12:47:53 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Apowersoft
[2015.02.05 23:11:00 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Azureus
[2014.08.11 18:34:52 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\BANDISOFT
[2015.01.04 21:18:07 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\calibre
[2015.03.22 21:52:28 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\CDisplayEx
[2015.03.26 12:42:15 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\ClassicShell
[2015.03.08 11:44:04 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\DonationCoder
[2014.02.03 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\DriverCure
[2014.08.17 22:38:43 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\DVDVideoSoft
[2014.10.20 20:55:10 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\EPSON
[2015.03.21 15:00:28 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\FileZilla
[2014.05.12 08:30:42 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\GHISLER
[2014.10.31 19:32:07 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\hybrid
[2014.04.22 16:55:04 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Leadertech
[2014.07.22 21:37:36 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\mkvtoolnix
[2014.07.22 14:49:27 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Notepad++
[2014.08.25 19:17:23 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\OpenOffice
[2014.09.12 10:37:17 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Paloma Networks, Inc
[2015.02.13 13:48:18 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\QuickScan
[2014.06.05 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\RenPy
[2014.09.21 18:30:25 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Replay Media Catcher 5
[2014.02.03 11:28:36 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\SpeedyPC Software
[2014.09.12 10:16:30 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\SuperNZB
[2014.09.20 18:12:26 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Systweak
[2014.04.30 16:19:19 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\TeamViewer
[2014.01.01 18:34:24 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\TERA
[2014.02.16 17:08:56 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\TuneUp Software
[2015.03.26 12:13:54 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\UseNeXT
[2015.03.22 11:41:01 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Wise Registry Cleaner
[2014.09.21 14:59:43 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\WM Recorder
[2014.09.21 15:03:09 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\WM Recorder 15
[2014.09.21 15:00:42 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\WMBrowser
[2015.02.24 20:16:00 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\Xilisoft
[2013.12.26 17:42:01 | 000,000,000 | ---D | M] -- C:\Users\Loxagon\AppData\Roaming\XMedia Recode

[color=#E56717]========== Purity Check ==========[/color]
< End of report >

Code

OTL Extras logfile created on: 26.03.2015 12:53:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Loxagon\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,12 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 45,37% Memory free
6,24 Gb Paging File | 4,16 Gb Available in Paging File | 66,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110,54 Gb Total Space | 8,60 Gb Free Space | 7,78% Space Free | Partition Type: NTFS
Drive D: | 876,06 Gb Total Space | 128,05 Gb Free Space | 14,62% Space Free | Partition Type: NTFS
Drive E: | 876,32 Gb Total Space | 90,38 Gb Free Space | 10,31% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: LOXAGON-PC | User Name: Loxagon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D49C4F-E7B9-4677-80CF-F42D87E9A0E3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{06FE67C2-13CB-4FEA-9F04-AB8EE7A7D627}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07300A1E-68A8-4BAF-9D33-D244ABEF1C31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{079BB4CF-4F45-478D-AF8F-6FD74F01F446}" = lport=137 | protocol=17 | dir=in | app=system |
"{108CF8DA-A3AC-4FB5-A09B-E5DAE6BC43F1}" = rport=445 | protocol=6 | dir=out | app=system |
"{1134DB95-DDA7-4F16-B186-BC86938B0B86}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{115629B4-A2A3-4C66-BF2B-05CE2280B576}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17AFAE82-A1DE-4CE0-B7E4-9A817AEB67F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{17CC98D6-C12D-4A26-A871-A95269C42F7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2EF2B81B-C095-432E-9699-C777BD3B2403}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{35B3992D-6BAF-49C9-8B7D-58C372837D08}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{42A74ECC-288B-4137-882C-89C1810671F9}" = rport=138 | protocol=17 | dir=out | app=system |
"{44C41E82-0D56-4D6D-A173-08ED8665BA53}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{4789F125-3702-4020-A4D1-235483404DB8}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4ACB0E44-EEBD-4297-8C41-DD00659A41B7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4C14ECD3-0342-4912-83F6-8F65D70327DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4FA31FE0-59E0-49A9-AFD4-F671EDE8C5AF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57BCF9EF-AD33-41B0-873D-4D9DE0666E63}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{6988FE4D-DC91-4F05-B074-3D5AA3B4F63B}" = lport=138 | protocol=17 | dir=in | app=system |
"{6BB6BE95-0C62-4607-B89B-1432C247D4D9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{77B42B5F-C696-49F0-9579-E40BE6F426A8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7E8F4034-6C9C-494B-8F2A-DFF688545074}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{805E7930-E0C7-42D2-A37C-B0100E7045CC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{82FC2AFA-3CDD-48AD-80BB-AB0C865C90D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{847FFD5D-8019-4919-8256-D3B18CD0E169}" = lport=2869 | protocol=6 | dir=in | app=system |
"{84D2F5B4-D59E-4A66-A6A5-1731028E4F4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9399E1AE-F15B-441F-BF87-9C5838D0D94F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9677A479-47F8-42E6-B95D-A6C234C262A7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{97A69834-F2A7-4BE7-AF8A-251A293E09DA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9A9317C5-7FCA-4C69-879B-7917C1C907A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{9DE6EE5C-9F37-4195-B7C2-DD6BFFA2D83D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B71E2392-5C38-4B58-BB30-9A750DBF74B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BA0C9299-42F2-438D-8549-814A905F0075}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCB778A8-0070-4EFC-8114-C10A9327360C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BEE63E04-072C-4649-AC01-17C5FEAC1BC6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C5FD2BE7-1CD2-4D93-8D12-9BD362C423F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{C8CD7D01-A321-4298-9CA1-939C125CAE3F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D1465B3C-D0F2-4C4A-83CC-E7BFA5557486}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DFF6C9A7-0E4B-4B38-BDF9-56B78DF5E6DD}" = lport=139 | protocol=6 | dir=in | app=system |
"{ED062FD3-8F55-4B64-8FFB-ED22DC2DABA4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EF87CEB2-D8D6-48AC-8099-07CE26369860}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FE94AFB0-BDDC-4EAA-A59D-6EDF69999B81}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{066ED357-3FE6-4FD2-B804-173BAC9EA57D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{092FEA65-EF3F-49FE-AF96-12FC1BCB1DC9}" = dir=out | app=%programfiles%\nero\nero 2014\nero launcher\nerolauncher.exe |
"{0BFD887B-5740-4B8C-9F67-F7905CA4DDB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C4F20DF-D034-4767-A499-182269412F09}" = dir=out | app=%programfiles%\tuneup utilities 2014\integrator.exe |
"{0D02DD1F-11A2-4745-BAFA-B31A640578F0}" = dir=in | app=c:\program files\cyberlink\powerdvd14\powerdvd.exe |
"{0F8F9E57-150C-438C-947C-D410EFB7F13C}" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsrv.exe |
"{14078AC5-036C-4DEA-B3E2-2FBB618DA46C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{14F7D8CB-F5FA-4F53-B1F1-6F3354BAB6E7}" = protocol=17 | dir=in | app=d:\mmx\might and magic x legacy.exe |
"{15FBC335-D1DE-48AD-B001-F1F9C7C57114}" = dir=out | app=%programfiles%\freemake\freemake video converter\freemakevideoconverter.exe |
"{17017F81-F79B-4739-84B4-9AC39F7E947A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1E429982-6D9D-4016-A5A7-FFDCA548D290}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{1FEDB95E-FADC-4D54-B199-DA433601E9AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{20AB6A73-48D1-4B49-87C5-A2C2B89C39D0}" = protocol=6 | dir=in | app=c:\program files\nero\km\nmdllhost.exe |
"{23C8ABF4-A2A8-4EDA-A375-1250AC2AF109}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24493642-1F7A-46DF-9DBF-21F2782A80F8}" = dir=out | app=%programfiles%\tuneup utilities 2014\oneclickstarter.exe |
"{2E73577F-5BA5-436E-8A3C-CEDADC2E4AEA}" = dir=out | app=%programfiles%\tuneup utilities 2014\integrator.exe |
"{306C519C-D558-4ADF-BECC-3DC548CDE076}" = dir=in | app=%programfiles%\xilisoft\mp4 converter\vcloader.exe |
"{353D08F0-7578-41F0-9B0C-BBA1ABE9500E}" = protocol=6 | dir=in | app=c:\program files\nero\nero blu-ray player\blu-rayplayer.exe |
"{42489D3E-6FAF-4B22-A9E9-BBD625038406}" = protocol=6 | dir=in | app=e:\aion\gfl_client.exe |
"{45EAAEE7-B171-40A1-9CDB-3B8BD61BE5C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4BDD2DDE-356C-4552-AE89-22816B6BD1E7}" = dir=out | app=d:\xili\drloader.exe |
"{54F75056-39AF-4D76-B7D7-9A6930A51587}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55DA490D-C842-4183-A441-D4FD1E6DD720}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{5FF231C9-E491-4B4F-B4F1-DAE49B43B419}" = protocol=6 | dir=in | app=d:\mmx\might and magic x legacy.exe |
"{664529F0-9440-4B5A-957B-DA5147D71F41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6726E344-741F-4ADE-84A7-42557D2E178B}" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsuck.exe |
"{6B1D4AD3-C2C8-47A3-988D-9BC5852AF34C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6FDF083A-7CC1-4743-8B3D-E38C394B22B4}" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpgw.exe |
"{70B48963-F378-4BDB-8E3B-F13C6E609E10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71009098-D0FF-42C0-B892-24CFB99C4AF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7A32BE8A-93AC-436D-80CC-A0D0CC3581AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7EE07625-0460-497B-8E53-2BF4EAD4D886}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D68C71D-43AD-4C42-B48C-79ADA7F5C44E}" = dir=in | app=c:\program files\cyberlink\powerdvd14\movie\powerdvdmovie.exe |
"{9517E4BD-FCCE-4651-BEE1-38885204949C}" = dir=in | app=c:\program files\cyberlink\powerdvd14\kernel\dms\clmsserverpdvd14.exe |
"{986FBCE5-89F1-4853-A61F-BFAAFB2260CA}" = protocol=17 | dir=in | app=c:\program files\nero\nero blu-ray player\blu-rayplayer.exe |
"{9B16D712-90DF-450D-A17F-4E826D7C65FF}" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsuck.exe |
"{9B3C3367-94C3-4030-B5D3-D73A684F1A4A}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{9F5B2D31-66F2-49BA-A2CC-F1759F7B2A60}" = dir=in | app=c:\program files\cyberlink\powerdvd14\powerdvd14agent.exe |
"{B9595605-7952-435F-A746-0ADBD7B1D64C}" = dir=in | app=d:\mmx\might and magic x legacy.exe |
"{BFB54888-8095-47DA-9868-D1D8B62F690B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C25DEAAB-6CDB-4CC2-A637-754D052E85A0}" = protocol=6 | dir=out | app=system |
"{C948C210-6254-449F-B2CC-D465DE106649}" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsrv.exe |
"{D06C1A14-186C-4BD5-9628-F85ED75CB1BE}" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpgw.exe |
"{D4ED313D-7833-4283-ADAD-C6CF1421976B}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{D717D28D-B842-4951-AA8E-A878F33B7EA4}" = dir=out | app=%programfiles%\cyberlink\powerdvd14\pdvdlp.exe |
"{E16E7ECE-FC09-4AC5-BA30-12CAEBAD36AA}" = dir=out | app=%programfiles%\xilisoft\hd video converter\vcloader.exe |
"{E58F5C46-730F-467A-B3DE-8E1996FE155C}" = protocol=17 | dir=in | app=c:\program files\nero\km\nmdllhost.exe |
"{EED0757F-BEC5-475F-A83A-BC4677988C06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1C41060-2802-4233-A20C-3FC54CB93B92}" = dir=out | app=%programfiles%\cyberlink\powerdvd14\pdvdlp.exe |
"{F4FE986E-CB0F-46EB-B75B-E99DA1E1D0AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F789AF0B-EF1D-4BE3-AEAB-1F14E7992E9B}" = dir=in | app=c:\program files\cyberlink\powerdvd14\movie\powerdvd cinema\powerdvdcinema.exe |
"TCP Query User{09F91B8C-D804-4C56-8279-854ACC2F7BA3}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"TCP Query User{18ACA238-1055-499A-BAB9-8B5677D733DA}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"TCP Query User{39637169-51C0-4A48-8050-35ECF8172A68}C:\users\loxagon\downloads\rt\rtmpsrv.exe" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsrv.exe |
"TCP Query User{3A3A572C-6BB6-485A-AC37-E2692B4B8EA1}D:\kindle\lib\touchlibs\webreader.exe" = protocol=6 | dir=in | app=d:\kindle\lib\touchlibs\webreader.exe |
"TCP Query User{405A3227-3463-46D9-9130-E178394CCC85}C:\users\loxagon\downloads\rtmpexplorer\rtmpsrv.exe" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rtmpexplorer\rtmpsrv.exe |
"TCP Query User{5C301FFF-B6F2-4AFA-9300-6D34049D535E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8E6BCE17-D319-4EA5-9388-06E50409BEEB}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"TCP Query User{ADC505E6-ED1E-4B8E-8E19-255E1AFF2745}D:\batman arkham anthology edition\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=d:\batman arkham anthology edition\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe |
"TCP Query User{ADEB8736-8EFA-4063-9CF2-6B7B7C911CC2}D:\program files\hybrid\mplayer.exe" = protocol=6 | dir=in | app=d:\program files\hybrid\mplayer.exe |
"TCP Query User{BF78D5AD-8E69-4703-ABA2-7ADC14FD4F37}C:\users\loxagon\downloads\rt\rtmpsuck.exe" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsuck.exe |
"TCP Query User{DFC3A27C-CB21-4598-BDCE-E453DF8E594D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E3966DC4-27A1-40B5-A03C-657A6EDC3D04}D:\program files\tera\tera-launcher.exe" = protocol=6 | dir=in | app=d:\program files\tera\tera-launcher.exe |
"TCP Query User{EA05678E-445F-4DBF-ADB5-117CFEC35B1B}C:\users\loxagon\downloads\rt\rtmpgw.exe" = protocol=6 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpgw.exe |
"TCP Query User{EB3283A6-060E-4994-8728-8231F55D7121}D:\batman arkham anthology edition\batman arkham city game of the year edition\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=d:\batman arkham anthology edition\batman arkham city game of the year edition\binaries\win32\batmanac.exe |
"TCP Query User{F6B284D5-D923-42A8-9B6D-5DC68A81F8C0}D:\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe" = protocol=6 | dir=in | app=d:\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe |
"UDP Query User{07E47DFA-1231-4735-A480-0444B033574A}C:\users\loxagon\downloads\rt\rtmpsrv.exe" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsrv.exe |
"UDP Query User{333EBA7B-4144-45B7-A1D2-F2911C69C922}C:\users\loxagon\downloads\rt\rtmpgw.exe" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpgw.exe |
"UDP Query User{48056A54-6B88-4749-A26C-BD9622FA7736}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{4A33E7AF-BC4C-49F8-A530-AB38585953C6}C:\users\loxagon\downloads\rt\rtmpsuck.exe" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rt\rtmpsuck.exe |
"UDP Query User{5450F92B-77FA-4F97-A7DF-9F17B6F65F02}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"UDP Query User{56648E33-7F7A-45C1-98F7-97619C4622EF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{96352448-55E9-47A3-97F5-FE9EF6329C24}D:\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe" = protocol=17 | dir=in | app=d:\siedler 7\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe |
"UDP Query User{BA2DCCC5-7857-48EE-B3DF-80A22742504E}D:\program files\tera\tera-launcher.exe" = protocol=17 | dir=in | app=d:\program files\tera\tera-launcher.exe |
"UDP Query User{BC50D869-7DA8-4F7C-83AD-268C0AE71A6C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D009435C-0678-4B33-8CEA-4B4073E0436B}D:\kindle\lib\touchlibs\webreader.exe" = protocol=17 | dir=in | app=d:\kindle\lib\touchlibs\webreader.exe |
"UDP Query User{D257786F-F642-4D13-A7DE-FA54AC6E2D60}D:\batman arkham anthology edition\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=d:\batman arkham anthology edition\batman arkham asylum game of the year edition\binaries\shippingpc-bmgame.exe |
"UDP Query User{D60AD47A-3979-4DD7-9B00-5B2D5ECB9E42}D:\batman arkham anthology edition\batman arkham city game of the year edition\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=d:\batman arkham anthology edition\batman arkham city game of the year edition\binaries\win32\batmanac.exe |
"UDP Query User{DB42943A-9AC1-4DAD-83B4-9558FED28D2B}D:\program files\hybrid\mplayer.exe" = protocol=17 | dir=in | app=d:\program files\hybrid\mplayer.exe |
"UDP Query User{ECF06811-36C8-445A-9D6A-1011119D15EA}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"UDP Query User{F7F9A2FE-E108-445F-ACC7-F56EA5AA19B7}C:\users\loxagon\downloads\rtmpexplorer\rtmpsrv.exe" = protocol=17 | dir=in | app=c:\users\loxagon\downloads\rtmpexplorer\rtmpsrv.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000EF65-BE80-3B99-BDE5-84C515C3F64C}" = Microsoft .NET Framework 4.5.2 (DEU)
"{05C6B128-1B40-4495-9CB9-090B368BFA0A}" = Nero Video Samples
"{0CF7D22B-977C-43B2-9219-E03017FBAC6D}" = Nero Recode Help (CHM)
"{111124AF-1ED4-44EF-B674-111111985342}_is1" = FFMPEG Addon
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{150D88F1-40AF-4678-A39D-BCE2332F34E5}" = Nero Abstract Themes
"{152E0B21-19D5-4772-9EF8-8E76074B0C0A}" = BlueStacks Notification Center
"{1618BCA4-EE0D-4866-8FBE-464467D93EBC}_is1" = LaghaimThai version 4.1
"{17429B3C-DC4B-4ED8-BBEA-CF14BD6203C5}" = calibre
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{204A26F0-01B8-4656-8607-5CCEDE820BC2}" = Nero 2014 Content Pack
"{22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}" = Nero Video Transitions 1
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.2
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 3.0.0
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{26A24AE4-039D-4CA4-87B4-2F83218020F0}" = Java 8 Update 20
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}" = Nero Cliparts
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}" = CyberLink PowerDVD 14
"{36DA8969-4DCD-48FF-894A-6BD3936050C3}" = Nero Blu-ray Player Help (CHM)
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40E51513-D917-4563-84F6-4EF6ADD46E2F}" = Nero Recode
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA46F9F-174C-4766-9EA2-2325DF414B9E}" = Nero Express Help (CHM)
"{4D25D881-7183-462F-95C8-990CA1944E0B}" = Nero PiP Effects 1
"{4DB136AF-389B-4A34-AE34-50123559D08E}" = Nero MediaHome
"{4fcf070a-daac-45e9-a8b0-6850941f7ed8}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{504D84ED-AE75-4F85-A68B-BB3D4CB3E169}" = Nero Holiday and Sports Themes
"{50AF8559-F490-381F-A6E7-06A07DE227DC}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830
"{511B5F54-CB1D-4F5B-BE0E-09B1D86BE586}" = Nero Video
"{526b1417-92c1-3737-8247-4abc49ccc8e4}" = Python 3.3.0
"{5446D3AF-B060-49B6-9535-F300E1532022}" = Nero Video Help (CHM)
"{581DCE84-1948-4891-A4A7-A1222CC137C5}" = Nero RescueAgent
"{5909A89E-C97F-407C-AE2B-47BDED86BF5D}" = Prerequisite installer
"{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6A2B148A-5D96-40D2-8450-692713BB7457}" = Advanced PDF Password Recovery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}" = Adobe Shockwave Player 12.1
"{75CA8AAE-5346-4312-A9A8-5CF89955930F}" = Nero MediaHome Help (CHM)
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}" = Nero Football (Soccer) Themes
"{7ff90460-89b7-435b-b583-b37b2815ccc7}" = Python 3.1.1
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play
"{83A4E573-E2C2-46FB-9DA6-6A2BBBF5A588}" = Nero Retro Film Themes
"{8B5AD338-7ABC-4ECB-9C2C-687F84AEDDB1}" = Nero Platinum Effects 12
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8F211EA0-C452-454D-90B4-E2F0AE467062}" = iLoad
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{9042C334-9881-4603-B1BC-7E623514A495}" = MKV2AC3 - 1.03.04
"{91604354-2B64-4A59-AF15-81E85CB4F9BB}" = CBR
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.2 (Deutsch)
"{955BF340-C379-4375-AA2F-F3BCB2A498AB}" = Nero Family and Events Themes
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.5
"{9dba0447-b749-41ea-90bc-2aa19a9eb580}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A86A50FC-7C22-478B-BAEF-82393328825F}" = LastChaosGER
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch
"{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}" = OpenOffice 4.1.1
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{B166374C-105E-445E-8E5D-A86CA5742645}" = Nero Burning Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C03E2FB3-250B-44A1-8B9E-61DFCD544133}" = Nero Disc to Device
"{C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}" = Nero Image Samples
"{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}" = Nero ControlCenter Help (CHM)
"{CE675FBD-75C3-45F1-B6AF-8D250861D536}" = Nero Disc Menus 3
"{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}" = Nero Launcher
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.7.6
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{E043568C-1745-4C69-9D52-43F6E79EB03B}" = Joulemeter
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{EA594E28-547D-4FB5-AED8-3628EFB1474D}" = TuneUp Utilities 2014 (de-DE)
"{ED436519-8A0E-4CD0-987C-174D134513C2}" = Classic Shell
"{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}" = Nero Express
"{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1" = CBR Reader
"{EEBF1676-AF87-4266-93D8-0C14A34C4217}" = Nero Disc Menus 1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}" = Nero Burning ROM
"{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}" = Nero 2014
"{F68B404C-0E04-337F-A132-796508EE337A}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830
"{F69D4104-5394-4F7C-801C-D96DC92E7F69}" = Nero RescueAgent Help (CHM)
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.1.1.1
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FA78CC15-9F90-443B-BA61-A66595F06432}" = Nero Burning ROM Help (CHM)
"{FE81E6B5-652B-40E7-B3B2-7171C6F297DA}" = Nero Disc Menus 2
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"AnyDVD" = AnyDVD
"AviSynth" = AviSynth 2.5
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Batman Arkham Anthology Edition 1.0" = Batman Arkham Anthology Edition 1.0
"BlueStacks App Player" = BlueStacks App Player
"CDisplayEx_is1" = CDisplayEx 1.10.2
"CleanUp!" = CleanUp!
"CyberGhost 5_is1" = CyberGhost 5
"Die Siedler 7 Gold Edition_is1" = Die Siedler 7 Gold Edition V1.12.1396
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.7.4.1
"Free Video to Sony PSP Converter_is1" = Free Video to Sony PSP Converter version 5.0.45.806
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.1.3
"Google Chrome" = Google Chrome
"Hybrid" = Hybrid (remove only)
"InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}" = Kaspersky Internet Security
"jdownloader2" = JDownloader 2
"MakeMKV" = MakeMKV v1.8.11
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.1.4.1018
"MediaInfo" = MediaInfo 0.7.69
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"MKVToolNix" = MKVToolNix 7.0.0 (32bit)
"Mozilla Firefox 34.0.5 (x86 de)" = Mozilla Firefox 34.0.5 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Revo Uninstaller" = Revo Uninstaller 1.95
"RGSS-RTP Standard_is1" = RGSS-RTP Standard
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"sp6" = Logitech SetPoint 6.61
"TAP-Windows" = TAP-Windows 9.9.2
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities 2014
"Uplay" = Uplay
"Uplay Install 401" = Might & Magic X Legacy
"VLC media player" = VLC media player
"WhoCrashed_is1" = WhoCrashed 5.03
"WinPcapInst" = WinPcap 4.1.3
"WinRAR archiver" = WinRAR 5.01 (32-Bit)
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 8.41
"Xilisoft HD Video Converter" = Xilisoft HD Video Converter
"Xilisoft MP4 Converter" = Xilisoft MP4 Converter

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AIM" = AIM for Windows
"KindlePreviewer" = Kindle Previewer

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23.03.2015 10:59:20 | Computer Name = Loxagon-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\common
files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 25.03.2015 08:09:45 | Computer Name = Loxagon-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\common
files\Logishrd\sp6_uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 25.03.2015 12:40:59 | Computer Name = Loxagon-PC | Source = Application Hang | ID = 1002
Description = Programm Streaming Video Recorder.exe, Version 4.5.2.0 kann nicht
mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen.    Prozess-ID: 35d4    Startzeit: 01d0671a1f840819    Endzeit: 29    Anwendungspfad:
C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe

Berichts-ID:
b4d077f7-d30d-11e4-aa7a-ac220bc44cdc  

Error - 25.03.2015 16:05:09 | Computer Name = Loxagon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: PowerDVDMovie.exe, Version: 14.0.5114.0,
Zeitstempel: 0x53227456  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247,
Zeitstempel: 0x521ea91c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000533a8  ID des fehlerhaften
Prozesses: 0xd30  Startzeit der fehlerhaften Anwendung: 0x01d06736fc6c18c8  Pfad der
fehlerhaften Anwendung: C:\Program Files\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 3c42a734-d32a-11e4-bafa-ac220bc44cdc

Error - 25.03.2015 17:03:59 | Computer Name = Loxagon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SearchIndexer.exe, Version: 7.0.7601.17610,
Zeitstempel: 0x4dc0c672  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247,
Zeitstempel: 0x521ea91c  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000c3873  ID des fehlerhaften
Prozesses: 0x750  Startzeit der fehlerhaften Anwendung: 0x01d0673dae77c17d  Pfad der
fehlerhaften Anwendung: C:\Windows\system32\SearchIndexer.exe  Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 744eb202-d332-11e4-bdc7-ac220bc44cdc

Error - 25.03.2015 17:15:17 | Computer Name = Loxagon-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =

Error - 25.03.2015 17:41:21 | Computer Name = Loxagon-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 26.03.2015 04:56:48 | Computer Name = Loxagon-PC | Source = VSS | ID = 8194
Description =

Error - 26.03.2015 06:52:43 | Computer Name = Loxagon-PC | Source = VSS | ID = 8194
Description =

Error - 26.03.2015 07:43:24 | Computer Name = Loxagon-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 25.03.2015 17:34:24 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.

Error - 25.03.2015 17:34:24 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
lautet: 10.

Error - 26.03.2015 04:48:21 | Computer Name = Loxagon-PC | Source = BugCheck | ID = 1001
Description =

Error - 26.03.2015 04:51:10 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 252.

Error - 26.03.2015 04:51:10 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 252.

Error - 26.03.2015 07:12:27 | Computer Name = Loxagon-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error - 26.03.2015 07:17:07 | Computer Name = Loxagon-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
SBSD Security Center Service erreicht.

Error - 26.03.2015 07:17:07 | Computer Name = Loxagon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden
Fehlers nicht gestartet:   %%1053

Error - 26.03.2015 07:41:45 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 252.

Error - 26.03.2015 07:41:47 | Computer Name = Loxagon-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 252.


< End of report >
Dieser Beitrag wurde am 26.03.2015 um 13:12 Uhr von Loxagon editiert.
Seitenanfang Seitenende
26.03.2015, 15:17
Member
Avatar Gool

Beiträge: 4730
#3 Kannst Du mal nen Screenshot von dem Fehler machen?
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
26.03.2015, 16:52
Member

Themenstarter

Beiträge: 120
#4 Jo

Wie gesagt, nur wenn das Programm gestartet ist, und selbst seit ich ein Update gemacht habe. Dafür jetzt auch bei der alten Version.

Anhang: fiddler.png
Seitenanfang Seitenende
26.03.2015, 17:09
Member
Avatar Gool

Beiträge: 4730
#5 Ok, das habe ich mir gedacht. Also: dein Programm setzt auf Fiddler (http://www.telerik.com/fiddler) auf, der sich als Proxy zwischen Server und Browser schaltet. Um SSL-Inhalte zu verarbeiten, bringt er sein eigenes Zertifikat mit, was jetzt diese Zertifikatswarnung verursacht. Du kannst das Zertifikat im Grunde gefahrlos installieren (nach "Vertrauenswürdige Stammzertifizierungsstellen"), damit Du zukünftig keine Zertifikatswarnung mehr erhältst. Allerdings solltest Du Dir bewusst sein, dass Du mit dem Programm die SSL-Verschlüsselung zwischen Browser und Server aufbrichst und somit quasi ein gewisses Sicherheitsrisiko entsteht. Also, während Internet-Banking oder irgendwelchen Zahlungstransaktionen oder wenn irgendwelche sensiblen Daten übertragen werden, dann vielleicht das Programm ausschalten ;)
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
26.03.2015, 17:16
Member

Themenstarter

Beiträge: 120
#6 Ja, aber WIESO installiert das Tool das in der neuen Version - was in der alten NIE der Fall war?

- weils in der neuen so ist!
Das ist klar. Aber ...warum ist das plötzlich in der ALTEN Version so? DAS verstehe ich nicht.
Und wie kann ich das abstellen? Theoretisch müsste das Porgramm doch irgendwo einen Eintrag dazu hinterlassen...

Und "Do not trust ..." klingt auch nicht toll
Seitenanfang Seitenende
26.03.2015, 17:40
Member
Avatar Gool

Beiträge: 4730
#7 Na ja, Fiddler ist ein Tool für Entwickler. Eigentlich nicht für den normalen Hausgebrauch gedacht. Daher auch der Name des Zertifikatsausstellers "DO_NOT_TRUST..."

Was denkbar ist: auch die alte Version hat Fiddler eingesetzt. Das Zertifikat wurde aber damals problemlos installiert, so dass Du es nicht bemerkt hast. Bei der neuen Version hat es bei der Installation des Zertifikats ein Problem gegeben, weshalb jetzt diese Warnung kommt. Und wenn Du ein Downgrade versuchst, kommt es ebenfalls zu dem gleichen Problem mit der Zertifikatsinstallation.

Kann sein, dass es damals problemlos ging, weil es irgendein Windowsupdate noch nicht gab, welches inzwischen installiert wurde und neue Sicherheitsfeatures mitgebracht hat. Allerdings würde das nicht erklären, warum es auf dem Laptop geht, sofern Du dort ebenfalls Windows 7 SP1 mit gleichem Patchstand wie Dein PC laufen hast. Dann wäre da noch denkbar, dass sich zwar das Programm an sich auf eine ältere Version downgraden lässt, Fiddler dabei aber nicht angerührt wird und der "Fehler" in Fiddler somit nicht angetastet wird. Ich kann aber auch nur spekulieren...
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
26.03.2015, 17:47
Member

Themenstarter

Beiträge: 120
#8 Auf dem Lappi ist LEIDER Win Schi... ähm Vista. Von Haus aus.

Aber nun gut, dann kann ich das Ding wieder unbesorgt aufziehen.
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: