![]() |
|
Log-Analyse und Auswertung: GVU 2.07 - nun bin ich auch dran..Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
| ![]() GVU 2.07 - nun bin ich auch dran.. Sehr geehrte Helferlein, Heute Nacht hat es mich leider auch erwischt. Seit etwa 3 Uhr hock ich nun vor meiner Kiste und versuch sie wieder ans laufen zu bekommen - vergeblich. Nun bin ich zufällig auf Eure Seite gestoßen. OTL Log: Code:
ATTFilter OTL logfile created on: 02.08.2012 07:05:10 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Kev\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,59% Memory free 8,00 Gb Paging File | 6,78 Gb Available in Paging File | 84,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,05 Gb Total Space | 18,45 Gb Free Space | 12,38% Space Free | Partition Type: NTFS Drive D: | 267,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 120,11 Mb Total Space | 109,38 Mb Free Space | 91,07% Space Free | Partition Type: FAT Computer Name: KEV-PC | User Name: Kev | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Kev\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll () SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (OverwolfUpdaterService) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe (Overwolf Ltd) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (xsherlock) -- C:\Windows\SysWOW64\xsherlock.xem (Wellbia.com Co., Ltd.) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (WireHelpSvc) -- C:\Programme\Common Files\WireHelpSvc.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>) DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local> IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D5 D8 A6 55 75 23 CC 01 [binary data] IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local> IE - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 216.155.139.115:3128 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Facemoods Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "64.120.226.94" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "64.120.226.94" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "64.120.226.94" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "64.120.226.94" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.07 21:43:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 01:58:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 18:56:22 | 000,000,000 | ---D | M] [2011.04.18 21:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kev\AppData\Roaming\mozilla\Extensions [2012.05.20 11:31:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions [2012.05.20 11:31:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.04.19 14:45:06 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\battlefieldheroespatcher@ea.com [2011.07.08 17:34:40 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Kev\AppData\Roaming\mozilla\Firefox\Profiles\ilo8sujg.default\extensions\DefaultManager@Microsoft [2012.04.26 15:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.12.08 23:45:00 | 000,061,705 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI [2012.01.02 01:42:09 | 000,550,833 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI [2012.04.29 21:29:12 | 000,004,404 | ---- | M] () (No name found) -- C:\USERS\KEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ILO8SUJG.DEFAULT\EXTENSIONS\YOUTUBEUNBLOCKER@UNBLOCKER.YT.XPI [2012.07.18 01:58:02 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.11 18:56:32 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.13 22:58:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.13 22:58:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.13 22:58:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.06.11 22:59:39 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2012.02.13 22:58:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.13 22:58:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.13 22:58:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.01.04 04:41:35 | 000,000,826 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2391798189-349868460-2108168911-1001\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E88F556F-0087-4D8B-BDC0-4E06F860C0B7}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E88F556F-0087-4D8B-BDC0-4E06F860C0B7}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{7b68b01a-19e9-11e1-a9b2-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{7b68b01a-19e9-11e1-a9b2-00ff01000001}\Shell\AutoRun\command - "" = E:\INSTALL.EXE O33 - MountPoints2\{ff8514aa-d0d0-11e1-ab7d-00ff01000001}\Shell - "" = AutoRun O33 - MountPoints2\{ff8514aa-d0d0-11e1-ab7d-00ff01000001}\Shell\AutoRun\command - "" = E:\raf-risen_hd_ce.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.02 07:02:56 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Roaming\Malwarebytes [2012.08.02 07:02:41 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.02 07:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.02 07:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.02 07:02:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.08.02 07:02:26 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Kev\Desktop\OTL.exe [2012.08.02 07:02:25 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Kev\Desktop\mbam-setup-1.62.0.1300.exe [2012.08.02 05:49:50 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.07.28 14:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay [2012.07.24 14:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012.07.24 14:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2012.07.24 13:56:30 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\Risen [2012.07.24 13:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver [2012.07.19 14:48:10 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\SKIDROW [2012.07.19 14:48:10 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Local\Risen2 [2012.07.19 01:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012.07.19 00:45:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.07.19 00:44:20 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.19 00:44:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012.07.12 02:16:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.12 02:16:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.12 02:16:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.12 02:16:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.12 02:16:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.12 02:16:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.12 02:16:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.12 02:16:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.12 02:16:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.12 02:16:41 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.12 02:16:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.12 02:16:41 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.12 02:16:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.12 01:20:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.12 01:20:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.12 01:20:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.12 01:16:50 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.12 01:16:49 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.08 15:29:05 | 000,000,000 | ---D | C] -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike [2012.07.08 15:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike [2012.07.08 15:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.02 07:04:05 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.02 07:04:05 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.02 07:04:05 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.02 07:04:05 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.02 07:04:05 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.02 07:02:41 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.02 07:01:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.02 07:01:05 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys [2012.08.02 06:59:08 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Kev\Desktop\mbam-setup-1.62.0.1300.exe [2012.08.02 06:58:56 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Kev\Desktop\OTL.exe [2012.08.02 06:56:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\ras_0oed.pad [2012.08.02 02:50:29 | 000,001,877 | ---- | M] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.08.02 00:39:03 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.08.02 00:39:03 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.08.02 00:38:47 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.08.01 20:39:09 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.01 20:39:09 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.01 02:56:52 | 000,001,354 | ---- | M] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.07.28 15:04:35 | 050,846,578 | ---- | M] () -- C:\Users\Kev\Desktop\Raplays.rar [2012.07.28 14:19:51 | 000,001,993 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.07.28 14:19:51 | 000,001,901 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012.07.27 16:50:43 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2012.07.19 00:45:28 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.07.19 00:44:20 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.12 23:50:20 | 000,000,080 | ---- | M] () -- C:\Users\Kev\AppData\Roaming\mBot.ini [2012.07.12 12:57:48 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.02 07:02:41 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.02 02:50:29 | 004,503,728 | ---- | C] () -- C:\ProgramData\ras_0oed.pad [2012.08.02 02:50:29 | 000,001,877 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.08.01 02:56:52 | 000,001,354 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2012.07.28 15:04:22 | 050,846,578 | ---- | C] () -- C:\Users\Kev\Desktop\Raplays.rar [2012.07.28 14:18:56 | 000,001,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.07.28 14:18:56 | 000,001,901 | ---- | C] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012.07.19 00:45:28 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2012.03.29 17:37:09 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.03.29 17:37:09 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\bd4040cn.dat [2012.03.29 17:37:09 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012.01.27 17:01:49 | 000,186,197 | ---- | C] () -- C:\ProgramData\1327676404.bdinstall.bin [2012.01.27 16:52:38 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll [2012.01.27 16:52:38 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll [2012.01.12 01:39:09 | 000,358,414 | ---- | C] () -- C:\ProgramData\1326324280.bdinstall.bin [2012.01.04 04:42:06 | 000,000,080 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\mBot.ini [2011.10.30 19:08:09 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2011.09.14 11:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.09.01 01:30:54 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2011.09.01 01:30:54 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2011.09.01 01:30:54 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2011.08.31 22:04:46 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe [2011.08.15 15:28:47 | 000,100,712 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.07.02 20:37:53 | 000,000,031 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\esroLoader.ini [2011.06.23 02:03:19 | 000,000,105 | ---- | C] () -- C:\Users\Kev\AppData\Roaming\private_server_loader.ini [2011.06.22 23:59:59 | 000,000,292 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat [2011.06.22 17:16:06 | 000,000,598 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat [2011.06.22 17:15:48 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2011.05.14 09:33:49 | 001,598,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.19 15:17:23 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.04.19 15:17:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.04.18 22:22:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2011.06.22 23:59:59 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\BITS [2012.07.19 00:51:08 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\DAEMON Tools Lite [2011.05.29 20:13:31 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\edxLabs [2011.06.22 17:15:43 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\FlashGet [2011.06.22 17:15:41 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\FlashGetBHO [2012.05.17 20:23:37 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\Leadertech [2011.04.18 23:41:03 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\LolClient [2012.05.24 16:33:08 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\LolClient2 [2011.11.18 21:00:33 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\OpenOffice.org [2011.10.26 23:19:31 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\Origin [2011.04.21 22:21:26 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\PunkBuster [2012.01.12 01:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\QuickScan [2011.04.19 11:34:07 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\SFBot [2012.04.15 14:14:29 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\TeamViewer [2012.07.16 22:40:40 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\TS3Client [2012.06.26 16:59:33 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\wargaming.net [2011.08.29 18:05:43 | 000,000,000 | ---D | M] -- C:\Users\Kev\AppData\Roaming\www.rene-zeidler.de [2012.06.24 11:47:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Extras-Log (OTL): Code:
ATTFilter OTL Extras logfile created on: 02.08.2012 07:05:10 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Kev\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 68,59% Memory free 8,00 Gb Paging File | 6,78 Gb Available in Paging File | 84,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,05 Gb Total Space | 18,45 Gb Free Space | 12,38% Space Free | Partition Type: NTFS Drive D: | 267,21 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 120,11 Mb Total Space | 109,38 Mb Free Space | 91,07% Space Free | Partition Type: FAT Computer Name: KEV-PC | User Name: Kev | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06899AAF-E55A-436C-957E-0F70AC5A5467}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{094F37A6-47F8-4268-9CF3-E0352333817C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{129658BE-1364-420C-A067-7907A997FA76}" = lport=8397 | protocol=17 | dir=in | name=league of legends launcher | "{16BF999B-A54A-461C-A443-18866C19BDED}" = lport=6900 | protocol=17 | dir=in | name=league of legends launcher | "{18DC69EC-F6B7-4A4E-A08B-BBBEC537C4EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1C30B52F-3572-40FC-AC47-084DF5C92919}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2290F550-86C1-4E48-91CA-4D64212456A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2B0E1B0F-7422-49CD-9249-811E3A0D9E0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2E5BA39B-B2DD-48F2-8DC5-8CA26F881191}" = lport=49169 | protocol=6 | dir=in | name=akamai netsession interface | "{2FD372C9-FC8A-4FFA-B9D1-68D0568ED7C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{30DCC186-613B-4964-9791-83B522C78524}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{340DED20-CEEE-47B7-8C64-962666B96C2A}" = lport=8397 | protocol=6 | dir=in | name=league of legends launcher | "{39E37FA2-2793-496F-97BC-687277B1858C}" = rport=139 | protocol=6 | dir=out | app=system | "{3B1F684E-F560-4DE8-BB97-F15FDAB2794A}" = lport=445 | protocol=6 | dir=in | app=system | "{3D325BBC-75CB-45D9-AECD-70B158E3DFBA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4317AC17-A4F7-4EBB-8E51-B846D960281B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{4F8E3366-9105-4DF0-A276-28125FC63668}" = lport=6929 | protocol=6 | dir=in | name=league of legends launcher | "{61845226-8B84-4927-A695-9579C011F5CE}" = rport=137 | protocol=17 | dir=out | app=system | "{697138E3-8B41-4543-9472-2EAC4DE4E300}" = lport=139 | protocol=6 | dir=in | app=system | "{762A79D9-9B9E-48BC-B940-4A593766F867}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | "{80EC02E3-B068-49C8-927F-748D0A0C8A9D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{811B8076-3994-4528-B422-4227FD2238CC}" = lport=49175 | protocol=6 | dir=in | name=akamai netsession interface | "{85E7C377-6ADB-4597-9043-65528C884E87}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{87DE1166-DF1E-45D5-9340-BC1809C32D3F}" = lport=10243 | protocol=6 | dir=in | app=system | "{9013E1D1-5CD7-4AE0-8A69-D5E17E5C281B}" = lport=49195 | protocol=6 | dir=in | name=akamai netsession interface | "{952E55AE-A6B0-4989-8FD9-25B6E56ECDAE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{99240B89-1C8E-4971-BD0F-2934EA5251C7}" = lport=6900 | protocol=6 | dir=in | name=league of legends launcher | "{9DACBF95-2D20-4243-B4D6-930DBCA956AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AB6D2BBB-FC07-4513-909E-0510B7174D01}" = rport=10243 | protocol=6 | dir=out | app=system | "{AC7CA488-04A0-4198-8DE5-50CD591D14B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{B416EC4E-1964-4198-9BA9-101DD684D41E}" = lport=137 | protocol=17 | dir=in | app=system | "{BACBB0B5-4D6C-4464-8891-81E9F69A088E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BC880336-957F-4647-8CD0-6B8950596F42}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | "{BCC5ADA0-B77B-492F-A3BE-96758471721D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{C0B1ECE5-6BC2-460A-B9F2-3CB8BC3AC5E2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{C5520744-7AE6-48AB-AA52-03A7183F3AEA}" = lport=138 | protocol=17 | dir=in | app=system | "{C93C3361-917F-453E-A996-43F9B68BFD37}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CC0653FB-F25D-41FA-BDB2-CCC3CDB966C6}" = lport=2869 | protocol=6 | dir=in | app=system | "{D4D6F56D-CF4E-4D64-99D9-71444D2F484C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D8301A37-4A62-4C01-A7EB-858F88FF9D14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DF47ADF3-1B5E-4A27-A7B2-31D14BD4BC88}" = lport=49182 | protocol=6 | dir=in | name=akamai netsession interface | "{DF9C3A56-F22D-4020-9D9C-AF6ABAC5E721}" = rport=445 | protocol=6 | dir=out | app=system | "{E93D3E22-2331-4995-965B-3F46B156DD0B}" = rport=138 | protocol=17 | dir=out | app=system | "{E9DAA044-4BDA-42CE-AE18-8E640A0BAD4C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB421CB5-BEF9-4BD8-8B7B-F15DD2401567}" = lport=6929 | protocol=17 | dir=in | name=league of legends launcher | "{EC1FF399-47D7-4AF3-B584-ED84A59FCF10}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F0CC8030-4D06-4CE2-B0C5-9C3397C9EB8D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{F77DEC57-F1F5-474A-9CA4-3DAA9244D1E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{002D0026-E596-4656-93BF-FCA3CBAF63FB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{00318544-6C30-4EA3-8A95-A0549A4DC7E4}" = dir=in | app=c:\program files\eslwire\wire.exe | "{04274D3E-F86B-4DDC-BD17-ABB6C01C89DB}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{11B87D12-9B27-433D-92D4-1171576B8D8E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | "{139B59F1-129C-4890-95B0-B355EEFFA77D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1845DD98-797A-40CB-A951-004356740405}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{18566774-4DDF-44EA-90ED-CEB18CC49811}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1ABF53D5-859B-439C-BB79-C441AD1D6852}" = dir=out | app=c:\program files\eslwire\wire.exe | "{1EE39107-D716-41EB-8473-FF9FABC3AD3F}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | "{21F8C564-0A6D-4D53-BF22-0BAF4F5E3173}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{259E79AA-693E-4E63-AFEC-5CA61C514AA0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{302F7C49-4D00-4887-93EF-EF7A01711741}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{3148EC32-9B27-411B-A3CE-5BCCCFF34371}" = protocol=17 | dir=in | app=c:\program files (x86)\outspark\projectpowder\run.exe | "{32CB6DE0-9BC6-45BE-9210-CB67B671970F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{3570F312-217C-4561-A601-1790D466F516}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | "{35CA1254-12DB-4ABF-8AAD-6236EE5DB1DD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{3AB9962C-033D-41F7-ABFB-8AF42C1B2417}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3B159C87-E076-4862-A06B-3B88B02A97BF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{3DDD1944-7DD4-4813-BF09-E76B8AC55276}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{3FE909DF-E809-4D82-8A71-CEC29CAB24CE}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars-the old republic\launcher.exe | "{420A3B12-5963-4F36-AEB9-49273A6D23DF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{52CF82A9-AD96-4229-AD2E-3186E4DDFD67}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{54787DBD-A967-46FB-BED6-4F624E8601A8}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{5773BE1D-C440-4D55-9121-5124E5EAA146}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{5A7C78D4-32DD-43EE-B76D-DCA0795333A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5F8F13F6-32C9-4530-BF37-252A93E1E3F1}" = protocol=6 | dir=in | app=c:\program files (x86)\outspark\projectpowder\run.exe | "{61BEEDE4-1FF1-4D8F-A9A8-D8F6F610057A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{62D6F4B3-FCD2-46F0-98E1-6EFFE37243F5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{6396A34E-3A12-463C-A26C-C04030F21A69}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{680010D0-438D-40AB-9C31-FF1BA27DF3A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6E17D508-0117-4246-9E8A-E0180B309BC8}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{6FF48710-D60E-4938-A4CF-5BF00EDC8A4E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{71BBB0C0-3E7C-45CD-8FED-B33CE730585D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{742E9162-0469-49B3-AF0D-AC4BC9C0DCDB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{78475BEB-1CDB-4CEE-A684-47191CD0E249}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{80C67BF7-1537-433C-89A8-A1AF815D0AD4}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "{859DA5B1-1686-470B-8C30-E3105DB42A5B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8854119F-2C1C-4CAB-8133-C6151A312BBC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{90809ED9-3475-4789-B41C-1D195BEE085D}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{9B8FAA93-C559-4B15-A58A-BF4F155B100C}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{A5ACDC48-D95C-46FC-8E7E-8BA48FF868E4}" = protocol=17 | dir=in | app=c:\program files (x86)\outspark\projectpowder\run.exe | "{AA8F5570-5931-488A-A676-1EBBA108BB76}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{ABF751D2-2277-442E-A1E6-2617667C928D}" = protocol=6 | dir=in | app=c:\program files (x86)\outspark\projectpowder\run.exe | "{AC228EC3-1B8F-4E3E-AB09-888F57C768DC}" = protocol=6 | dir=out | app=system | "{AC7D552B-2571-436A-AFC4-14621E35451D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B4E2C6B3-2DD9-44D9-9053-D0D9A5D50A6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B68E13BC-DE84-43B9-813A-4755921859E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BE34357C-9AE7-4DDE-944D-28B8BCCF5A16}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{CFA8871C-12DD-4A35-9685-C45896D9C2F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D05C3A84-2280-42B6-AE5F-56E542A4D516}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D403CC78-D022-4BDE-84E1-4A694504B654}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D464B792-A60A-41CE-BBF9-2B81421E76E1}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{D5C2AAB7-7C78-419F-9079-BFC56683176C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DC6F38B7-B134-4661-9D02-B32780BA832B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{DC6FD7C5-5C23-4FB7-A666-F485D35B5322}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E2554337-6958-4387-8C0E-FFF00512E75E}" = protocol=6 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe | "{E484DB76-08F0-4EE6-87EC-BD3836BDB17B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E4AB8A94-2375-4762-BBDF-8B6EE7AAE94D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{E9E7C839-0593-4C15-AD0D-D14D5E4A6BF2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EB28E950-F62E-452A-A93C-4C1929061C3E}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{ECE4B7B2-2B18-4230-B57C-C8E517888023}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{EE98AE5F-F0DD-4F2A-B259-0CCA6E9DF2E9}" = protocol=17 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe | "{F0145CE3-430C-402E-BC53-E9E9E857668E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{F39386CC-DD50-474A-9971-A514C3DF796F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{F6C01D38-B9DB-4D46-BAFB-80847EF7947B}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{F969D79D-0763-4D2E-A487-8663B764A41B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{FDBE4F2A-82D4-443A-8080-F0DBC19C3050}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "TCP Query User{0800EBC8-4723-40F6-A09B-41EFC7F05FA9}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe | "TCP Query User{0918F4C4-D0C1-43F6-AF6D-589A4A28E141}C:\program files (x86)\thq\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe | "TCP Query User{117D5FB5-B217-41E5-9804-2AC33D168E0A}C:\program files (x86)\silkroadr\mbot_sror1.2\mbot_sror.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\mbot_sror1.2\mbot_sror.exe | "TCP Query User{2261F7D2-7EFF-4D04-B258-237EC4B4B239}C:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe | "TCP Query User{239A2806-E01F-4EB7-A8C3-757D07D191F2}C:\program files (x86)\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike\hl.exe | "TCP Query User{2B71EBE9-7BC3-4B25-A3E1-DC32B696801E}C:\users\kev\documents\silkroad bot\ibot\_ibot__public_released_v1.1.9\ibot.exe" = protocol=6 | dir=in | app=c:\users\kev\documents\silkroad bot\ibot\_ibot__public_released_v1.1.9\ibot.exe | "TCP Query User{31733883-3093-4C7D-8235-F742878B83FC}C:\users\kev\desktop\spiele\desirexsro\mbot_vsro110_1.12b\mbot_vsro110.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\mbot_vsro110_1.12b\mbot_vsro110.exe | "TCP Query User{3373EA4A-1C51-466F-A815-DBF8AA28F1AE}C:\program files (x86)\tera\tera uncensor patcher v1.7.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera uncensor patcher v1.7.exe | "TCP Query User{3B36A67B-D56F-4F75-B24A-8D5BA97F934E}C:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{4412870E-8A02-4BDC-A12B-F34D1BE0806E}C:\users\kev\desktop\spiele\desirexsro\mbot_twink\mbot_vsro110.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\mbot_twink\mbot_vsro110.exe | "TCP Query User{456A7327-1996-4118-B237-888B6BB40AF5}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "TCP Query User{4A13526F-5136-4858-BEA3-FB55E621CB93}C:\program files (x86)\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | "TCP Query User{4B347490-CCF9-403A-AA91-EA6EDAEF0078}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{4BE0B4F4-6A90-4E12-A0BE-F92C647F4727}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | "TCP Query User{4DAA6127-213A-4488-8A0F-E936D2449BC3}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "TCP Query User{557F0DE6-E22A-4F38-867A-7AB422B75704}C:\users\kev\desktop\spiele\grindroad+online\grindroad online\mbot_vsro110_1.10b\mbot_vsro110.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\grindroad+online\grindroad online\mbot_vsro110_1.10b\mbot_vsro110.exe | "TCP Query User{6322BEB4-95B6-4E47-959E-C75953AA4F9F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "TCP Query User{69CB2E38-8105-44DA-895A-BFC44EBB938F}C:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hl.exe | "TCP Query User{6A4F8923-931D-40D7-A61F-702D09A4BDF5}C:\users\kev\desktop\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\empire earth\empire earth.exe | "TCP Query User{6A5A0029-FFEC-495A-94EB-68CB56F65A58}C:\users\kev\desktop\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\empire earth\empire earth.exe | "TCP Query User{71981F82-075C-49F2-ADAB-01C8D160B181}C:\users\kev\desktop\spiele\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\wc3\war3.exe | "TCP Query User{7516672F-41BF-4D28-A633-D061120CB9AF}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{810C9F88-E049-40FE-90A6-F8AAB8B30E45}C:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hl.exe | "TCP Query User{8B048F6E-65EC-4344-933A-726146A27ADB}C:\program files (x86)\silkroadr\ibot\ibot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\ibot\ibot.exe | "TCP Query User{8B9E94F9-807B-4A43-B578-B2743E718EFD}C:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe | "TCP Query User{9CF2CA1F-3743-4680-B52F-BAFF7A2E0DFB}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{9FDCFB5A-64FB-43EB-B508-7787BF1A1B97}C:\program files (x86)\silkroadr\ibot\agbot\packag5.2.0b.nomap\agbot.package\hackshieldstuff\hsserver\projecthsbypass1.4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\ibot\agbot\packag5.2.0b.nomap\agbot.package\hackshieldstuff\hsserver\projecthsbypass1.4.exe | "TCP Query User{A1820E9D-A4BA-4070-AAB5-EAF708049DD9}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe | "TCP Query User{A37F11F0-F509-4B87-AE73-6C242F67D527}C:\users\kev\desktop\spiele\desirexsro\vsroautoalchemy\fuse-o-mat\fuse-o-mat - release\phconnector\phconnector.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\vsroautoalchemy\fuse-o-mat\fuse-o-mat - release\phconnector\phconnector.exe | "TCP Query User{A6E6817F-B98D-4312-9997-F6F59336D437}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "TCP Query User{AB0B8C69-1C41-4A13-B1D0-EDD0D03CF8DF}C:\program files (x86)\silkroadr\ibot\ibot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\ibot\ibot.exe | "TCP Query User{AB4B9808-B25E-4676-BDF5-61C5E6131275}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "TCP Query User{B671C6D5-EBD6-4710-BD3C-4D2CF9AF78F3}C:\users\kev\desktop\spiele\wc3\war3.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\wc3\war3.exe | "TCP Query User{B70A14C5-591A-4B07-823D-95ADBD26B16E}C:\sierra\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\sierra\empire earth\empire earth.exe | "TCP Query User{B97B8DB1-84A2-435E-A195-FD79C231222F}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "TCP Query User{BC1968F0-0363-4656-BA14-0DA17504B498}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "TCP Query User{BE60BE30-BFF9-4B8A-BB90-D52AC9DDFDC6}C:\program files (x86)\silkroadr\mbot_chill3r\mbot_sror.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\mbot_chill3r\mbot_sror.exe | "TCP Query User{C958B64F-E58C-4277-B1AF-8A6A34C17EDE}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "TCP Query User{CF924F34-9198-4932-A674-C1D22841BF85}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe | "TCP Query User{D52CAB53-DE6E-456D-A679-DD2EA19644EE}C:\users\kev\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe | "TCP Query User{D9AC46FF-A296-4188-94CE-54B942DE4770}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{DD695EE1-2F6D-44AB-83CC-283AB66E6F6A}C:\program files\jowood\die gilde gold-edition\gildegold.exe" = protocol=6 | dir=in | app=c:\program files\jowood\die gilde gold-edition\gildegold.exe | "TCP Query User{E04444BD-ACA8-4691-AE57-FB5D7685AB3A}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe | "TCP Query User{E23A0A0F-B602-45A5-BD9A-4E2D483EBB56}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{E87BFAEA-C15A-4F1B-A597-81C678E0231C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "TCP Query User{EDD87E9F-3D0C-42CC-9396-1FF606345763}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{F01FAFB2-1776-40EA-8F49-686AF3A01665}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "TCP Query User{FAE274DE-A988-4249-B042-D3B8C006D042}C:\program files (x86)\silkroadr\mbot_soxs\mbot_sror.exe" = protocol=6 | dir=in | app=c:\program files (x86)\silkroadr\mbot_soxs\mbot_sror.exe | "UDP Query User{0244E1A6-4D16-459A-A459-47635936E1C5}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "UDP Query User{04509A9A-CE84-40C8-9BBC-C99857BC1A94}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{05D8E21E-BDDB-49D5-AB21-28EA3F9FB1CF}C:\program files (x86)\silkroadr\ibot\ibot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\ibot\ibot.exe | "UDP Query User{0EB835E5-FDE8-4879-B943-1A001ADB49F8}C:\users\kev\documents\silkroad bot\ibot\_ibot__public_released_v1.1.9\ibot.exe" = protocol=17 | dir=in | app=c:\users\kev\documents\silkroad bot\ibot\_ibot__public_released_v1.1.9\ibot.exe | "UDP Query User{124A9D4B-F3E4-4151-B7EC-8805D17D0585}C:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{14E2A14D-B330-444D-8200-5A6DD99820AD}C:\program files (x86)\silkroadr\mbot_sror1.2\mbot_sror.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\mbot_sror1.2\mbot_sror.exe | "UDP Query User{17F5EE90-85D0-4068-BEF9-8A7BA7B5F5A7}C:\program files\jowood\die gilde gold-edition\gildegold.exe" = protocol=17 | dir=in | app=c:\program files\jowood\die gilde gold-edition\gildegold.exe | "UDP Query User{25BCC645-3F91-4D8B-A0A6-795F4205B343}C:\users\kev\desktop\spiele\desirexsro\mbot_twink\mbot_vsro110.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\mbot_twink\mbot_vsro110.exe | "UDP Query User{31267D8F-1B58-45BA-A102-08EA674187E6}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe | "UDP Query User{3B1DA0C3-B8CF-4160-9435-4B8C0B021546}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "UDP Query User{416C0085-EB9C-4E10-AC33-21051CBBA04F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | "UDP Query User{431AF372-1D71-4061-91B9-8189D984C05B}C:\users\kev\desktop\spiele\desirexsro\vsroautoalchemy\fuse-o-mat\fuse-o-mat - release\phconnector\phconnector.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\vsroautoalchemy\fuse-o-mat\fuse-o-mat - release\phconnector\phconnector.exe | "UDP Query User{480DF683-7974-41FE-9306-2B323EB5E207}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{58C8E833-DFAC-4C56-872C-D56816B431B7}C:\users\kev\desktop\spiele\grindroad+online\grindroad online\mbot_vsro110_1.10b\mbot_vsro110.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\grindroad+online\grindroad online\mbot_vsro110_1.10b\mbot_vsro110.exe | "UDP Query User{5DF45C4B-FDB1-4311-8C74-737FA94AD5D4}C:\users\kev\desktop\spiele\desirexsro\mbot_vsro110_1.12b\mbot_vsro110.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\desirexsro\mbot_vsro110_1.12b\mbot_vsro110.exe | "UDP Query User{6108F793-811A-446C-A349-2E626A0558AB}C:\program files (x86)\silkroadr\ibot\ibot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\ibot\ibot.exe | "UDP Query User{612723A5-1E02-44DE-A604-08368F88C700}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe | "UDP Query User{6216C657-FED4-4852-A445-FCE2FB027C2E}C:\users\kev\desktop\spiele\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\wc3\war3.exe | "UDP Query User{67B3141A-CECE-4C3F-A04C-25981C59A900}C:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hl.exe | "UDP Query User{6A6466B6-B875-4D51-BF74-9B687B719536}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{6B38E4FD-0947-4B7C-A02D-4F9A66B986F1}C:\program files (x86)\silkroadr\ibot\agbot\packag5.2.0b.nomap\agbot.package\hackshieldstuff\hsserver\projecthsbypass1.4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\ibot\agbot\packag5.2.0b.nomap\agbot.package\hackshieldstuff\hsserver\projecthsbypass1.4.exe | "UDP Query User{6FA3DCD6-ECD0-4189-8244-B8064DC6014F}C:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\temp\wow-4.2.1.2727-enus-tools-downloader.exe | "UDP Query User{70B320A2-4A4E-44F3-8DCD-D9BA4CD08E58}C:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 2\cod2mp_s.exe | "UDP Query User{713ECE48-FB29-4543-BF00-F0149BAF1876}C:\sierra\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\sierra\empire earth\empire earth.exe | "UDP Query User{89CF1275-2DEC-4E3B-81BB-BB5688DFAB5E}C:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hl.exe | "UDP Query User{8B4477AB-AF9B-4A71-A5CD-627DAA0ECF45}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{986803BB-588D-4072-A79E-7B6553915AC5}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | "UDP Query User{9C4EB171-C45E-4100-A6BB-636F5C3D4E0C}C:\users\kev\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kev\appdata\local\akamai\netsession_win.exe | "UDP Query User{9D1D5AEE-BFCA-4477-B8AD-18612C5C9479}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{9E2AAE4A-05B1-408B-8E91-EB6CCCD2F91F}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{A623D524-2182-473B-8542-7708BA185B89}C:\program files (x86)\thq\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe | "UDP Query User{ACA43002-9DA1-40A9-9659-F992F56686FB}C:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe | "UDP Query User{B42604A8-BD49-492F-B182-22C67B4F7D32}C:\users\kev\desktop\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\empire earth\empire earth.exe | "UDP Query User{B567011D-7E5B-48D1-B2B8-84A8403893BC}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe | "UDP Query User{BC198B22-4958-48DD-94AC-F241FF8DF013}C:\users\kev\desktop\spiele\wc3\war3.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\wc3\war3.exe | "UDP Query User{C3514880-36C0-43A7-A414-6797514122C9}C:\program files (x86)\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\backgrounddownloader.exe | "UDP Query User{C519D022-7FB4-4E32-B139-FEC37A92CE41}C:\program files (x86)\tera\tera uncensor patcher v1.7.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera uncensor patcher v1.7.exe | "UDP Query User{D1250A55-3577-44BF-80DE-A267806453C0}C:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\spiele\call of duty 4 - modern warfare\iw3mp.exe | "UDP Query User{D133D800-C847-47CB-817F-0F0FAD3B0536}C:\users\kev\desktop\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\users\kev\desktop\empire earth\empire earth.exe | "UDP Query User{D527B651-A1DD-4104-BDA6-E2C5697E16EB}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "UDP Query User{D73411A3-C61E-4893-98CD-F7C186CF4E53}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | "UDP Query User{DB66DBDA-3991-4326-9D82-093883049F5D}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | "UDP Query User{F11EA530-C3D7-4CCA-A55C-BABBD1569B9E}C:\program files (x86)\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike\hl.exe | "UDP Query User{F43ABCBC-35ED-469E-A440-B2A1E8D71781}C:\program files (x86)\silkroadr\mbot_soxs\mbot_sror.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\mbot_soxs\mbot_sror.exe | "UDP Query User{F844C938-8162-429B-9048-48F3AF2405FE}C:\program files (x86)\silkroadr\mbot_chill3r\mbot_sror.exe" = protocol=17 | dir=in | app=c:\program files (x86)\silkroadr\mbot_chill3r\mbot_sror.exe | "UDP Query User{F9CDACFD-4129-49D8-8A27-C0EDEF2D5B38}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{FC6B3F6C-913B-4DC0-B019-5D8B46B3F02F}C:\program files (x86)\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | "UDP Query User{FD480489-688A-463C-9CDA-6FF5427C5D0F}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0CC44ABB-62F1-FDA7-02C8-DCCC2A239DDE}" = AMD Fuel "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64 "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit) "{44E3AB6B-453B-8DAE-9777-1C48F5AB8965}" = AMD Catalyst Install Manager "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}" = User's Guides "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud "{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding "CCleaner" = CCleaner "ESL Wire_is1" = ESL Wire 1.10.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR 4.00 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = AMD VISION Engine Control Center "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{32A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{4150D0B5-D203-419B-9C49-9B615AF11BAF}" = Overwolf "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E3D1AC1-D48B-45F4-BAE1-91BAE7D1FE7D}_is1" = Risen HD Collector's Edition "{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95723791-2C44-454B-9220-C65D47D70E9C}" = WEBZEN Browser Extension "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "1489-3350-5074-6281" = JDownloader 0.9 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Akamai" = Akamai NetSession Interface Service "Avira AntiVir Desktop" = Avira Free Antivirus "Battlelog Web Plugins" = Battlelog Web Plugins "Counter-Strike" = Counter-Strike 1.0 "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup" = DivX-Setup "ESN Sonar-0.70.4" = ESN Sonar "Fraps" = Fraps (remove only) "Locks Pro" = Locks Pro "LOLReplay" = LOLReplay "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "TeamViewer 7" = TeamViewer 7 "VLC media player" = VLC media player 1.1.11 "WinLiveSuite" = Windows Live Essentials "World of Warcraft" = World of Warcraft "Xfire" = Xfire (remove only) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2391798189-349868460-2108168911-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "c23188044ae10ee6" = Lol Account maker ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22.07.2012 15:33:27 | Computer Name = Kev-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880, Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00480038 ID des fehlerhaften Prozesses: 0x10c4 Startzeit der fehlerhaften Anwendung: 0x01cd6834bf8c9263 Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\LolClient.exe Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 1bd81d2b-d434-11e1-90ed-00ff01000001 Error - 23.07.2012 09:40:49 | Computer Name = Kev-PC | Source = BugSplat | ID = 1 Description = Error - 23.07.2012 09:42:16 | Computer Name = Kev-PC | Source = BugSplat | ID = 1 Description = Error - 23.07.2012 11:31:30 | Computer Name = Kev-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880, Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00480038 ID des fehlerhaften Prozesses: 0x10b8 Startzeit der fehlerhaften Anwendung: 0x01cd68dbb628c1c2 Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\LolClient.exe Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.175\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: 78fa35c9-d4db-11e1-8c27-00ff01000001 Error - 24.07.2012 08:05:55 | Computer Name = Kev-PC | Source = MsiInstaller | ID = 1013 Description = Error - 25.07.2012 12:42:36 | Computer Name = Kev-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LolClient.exe, Version: 2.0.2.12610, Zeitstempel: 0x4c00573a Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.1.0.4880, Zeitstempel: 0x4eb75fb9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00480048 ID des fehlerhaften Prozesses: 0x7f0 Startzeit der fehlerhaften Anwendung: 0x01cd6a64e5a555bd Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.176\deploy\LolClient.exe Pfad des fehlerhaften Moduls: C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.176\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dll Berichtskennung: bcebe0d1-d677-11e1-a07f-00ff01000001 Error - 25.07.2012 22:08:33 | Computer Name = Kev-PC | Source = BugSplat | ID = 1 Description = Error - 28.07.2012 09:30:07 | Computer Name = Kev-PC | Source = MsiInstaller | ID = 1013 Description = Error - 30.07.2012 18:08:51 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002 Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a58 Startzeit: 01cd6e9fdae87f71 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe Berichts-ID: 23746baf-da93-11e1-808a-00ff01000001 Error - 30.07.2012 18:09:15 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002 Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 13c Startzeit: 01cd6e9fe9059fe3 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe Berichts-ID: 318d1f44-da93-11e1-808a-00ff01000001 Error - 30.07.2012 18:09:42 | Computer Name = Kev-PC | Source = Application Hang | ID = 1002 Description = Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: af4 Startzeit: 01cd6e9ff710bec3 Endzeit: 1 Anwendungspfad: C:\Users\Kev\Downloads\LOLPBE(1)\LOLPBE\RADS\system\rads_user_kernel.exe Berichts-ID: 3c1d17a1-da93-11e1-808a-00ff01000001 [ System Events ] Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:34 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:01:44 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 02.08.2012 01:02:06 | Computer Name = Kev-PC | Source = DCOM | ID = 10005 Description = Error - 02.08.2012 01:02:06 | Computer Name = Kev-PC | Source = DCOM | ID = 10005 Description = Error - 02.08.2012 01:02:06 | Computer Name = Kev-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.03.05 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus) Internet Explorer 9.0.8112.16421 Kev :: KEV-PC [Administrator] 02.08.2012 07:03:40 mbam-log-2012-08-02 (07-03-40).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 358871 Laufzeit: 38 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Kevin Geändert von kev255 (02.08.2012 um 06:54 Uhr) |
Themen zu GVU 2.07 - nun bin ich auch dran.. |
battle.net, code, editiert, gvu 2.07, helferlein, jdownloader, kis, langs, laufe, laufen, launch, league of legends, log, msiinstaller, nacht, plug-in, seite, spark, versuch, zufällig |