| |  Win32.Downloader.gen Virus
 Hallo,
seit heute Mittag habe ich den Virus Win32.Downloader.gen. Der Email Account eines Freundes wurde gehackt, der mir einen Link zukommen ließ, den ich dummerweise öffnete..
Habe dann Spybot drüberlaufen lassen und das hat ihn sofort erkannt.Habe ihn gelöscht , aber beim neustart ist er direkt wieder da...Norton 360 hat ihn überhaupt nicht erkannt. Malwarebytes hat ebenfalls nichts gefunden.
Nun habe ich mich bei Google schlau gemacht und diverse Anleitungen zum manuellen Entfernen versucht, doch die Dateien die ich beim Taskmanager und bei Regedit löschen soll, sind gar nicht vorhanden..
Diese meine ich damit:
Win32.Downloader.gen Removal: How to Guide - Latest Computer Threats - Zimbio
Dann habe ich etwas weiter gesucht und bin auf den OTL Log gestoßen. Ich poste ihn hier mal, in der Hoffnung, dass jemand damit was anfangen kann:
OTL: Zitat:
OTL logfile created on: 03.04.2013 00:29:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobias\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,92 Gb Total Physical Memory | 4,92 Gb Available Physical Memory | 62,16% Memory free
15,84 Gb Paging File | 12,78 Gb Available in Paging File | 80,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 242,35 Gb Free Space | 34,69% Space Free | Partition Type: NTFS
Drive D: | 6,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: RETROGOTT | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.02 23:51:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe
PRC - [2013.03.18 21:16:39 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.02.10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.01.24 19:22:50 | 000,093,440 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
PRC - [2012.12.13 15:44:31 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.10.16 20:17:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.08.31 16:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () -- C:\Program Files (x86)\CPUCooL\CooLSrv.exe
PRC - [2010.10.22 03:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2010.04.22 16:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
PRC - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.04.12 19:48:18 | 001,687,552 | ---- | M] (PANTERASoft) -- C:\Program Files (x86)\HDD Health\hddhealth.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.18 21:16:39 | 003,069,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.10.03 00:21:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.3.0.36\wincfi39.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.18 22:11:16 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.18 21:16:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.15 18:29:10 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.02.10 05:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.09 19:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.01.24 19:22:50 | 000,093,440 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe -- (N360)
SRV - [2012.12.13 15:44:31 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012.12.10 18:29:46 | 002,465,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.11.14 13:00:10 | 000,678,416 | ---- | M] () [Auto | Running] -- C:\Programme\EslWire\service\WireHelperSvc.exe -- (EslWireHelper)
SRV - [2012.10.16 20:17:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.08.31 16:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.08.05 21:33:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012.08.05 21:32:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CPUCooL\CooLSrv.exe -- (CPUCooLServer)
SRV - [2011.08.17 12:04:36 | 000,247,872 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.05.20 10:04:14 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.13 17:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.01.31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symds64.sys -- (SymDS)
DRV:64bit: - [2012.12.19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.13 15:26:36 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012.11.21 11:09:08 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012.11.14 12:59:58 | 000,160,784 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2012.10.03 00:26:46 | 000,066,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.10.03 00:26:46 | 000,043,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSUsbFilt.sys -- (LGSUsbFilt)
DRV:64bit: - [2012.08.03 21:38:55 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.04.10 05:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.01.13 13:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.11 21:12:02 | 000,019,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ntiopnp.sys -- (ntiopnp)
DRV:64bit: - [2010.10.25 02:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.10.04 01:00:00 | 001,293,824 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb4.sys -- (fwlanusb4)
DRV:64bit: - [2010.10.04 01:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.09.21 10:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.04.27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010.04.27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010.04.27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010.04.27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.31 11:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\XENfiltv.sys -- (XENfiltv)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.04.02 23:36:36 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.03.26 02:11:20 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\ex64.sys -- (NAVEX15)
DRV - [2013.03.26 02:11:20 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130402.003\eng64.sys -- (NAVENG)
DRV - [2013.03.22 03:52:21 | 001,387,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130322.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.01.06 21:34:54 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.01.04 17:28:04 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130330.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.08.16 09:19:33 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.01.21 00:16:39 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281348&CUI=UN27182633232089623
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN27182633232089623&ctid=CT3281348
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DF 20 F9 83 CF AA CD 01 [binary data]
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes\{31F80D57-5F24-415e-AC0D-92FB881249BE}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes\{44FD43DC-8E68-4372-BC8F-F9E932D1A7B7}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281348&CUI=UN27182633232089623
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\SearchScopes\{D985E0F7-5C0C-4dc8-A1E9-164E32C8BF71}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BrotherSoft Extreme2 B1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281348&SearchSource=3&q={searchTerms}&CUI=UN15200578831739550"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3281348&octid=CT3281348&SearchSource=61&CUI=SB_CUI&UM=UM_ID&UP=SPCF05CB1D-1943-4CFE-A20A-49C90C7EAAA6"
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.14
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.5
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%204
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a1}:1.1.8.4
FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a0}:1.1.8.4
FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.5.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.1
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281348&SearchSource=2&CUI=UN15200578831739550&UM=UM_ID&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2013.04.02 23:36:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2012.11.21 16:54:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.18 21:16:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.18 21:16:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.18 21:16:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.18 21:16:38 | 000,000,000 | ---D | M]
[2012.01.20 01:01:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions
[2013.03.29 15:00:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\xy7b10iz.default\extensions
[2012.07.26 16:07:42 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\xy7b10iz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.01.31 10:24:18 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\xy7b10iz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.03.29 15:00:15 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\xy7b10iz.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2013.03.19 11:01:23 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\extensions\personas@christopher.beard.xpi
[2013.02.13 14:19:06 | 000,281,921 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2012.12.12 12:27:06 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 21:05:47 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.07.18 16:32:01 | 000,002,342 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icq-search.xml
[2012.08.31 02:03:41 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-1.xml
[2013.03.19 11:01:34 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-10.xml
[2012.09.10 01:44:10 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-2.xml
[2012.10.22 23:39:51 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-3.xml
[2012.10.28 11:02:17 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-4.xml
[2012.12.06 10:49:23 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-5.xml
[2013.01.11 20:50:23 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-6.xml
[2013.01.20 11:39:55 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-7.xml
[2013.02.06 01:29:16 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-8.xml
[2013.02.14 14:56:46 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin-9.xml
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin.src
[2012.07.22 21:13:00 | 000,000,950 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\xy7b10iz.default\searchplugins\icqplugin.xml
[2013.03.18 21:16:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.18 21:16:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.02 23:36:27 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\COFFPLGN
[2012.11.21 16:54:04 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPLGN
[2013.03.18 21:16:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.31 01:19:00 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.20 12:56:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2013.02.05 14:20:45 | 000,440,470 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15152 more lines...
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000..\Run: [HDDHealth] C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
O4 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000..\Run: [SearchProtect] C:\Users\Tobias\AppData\Roaming\SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1134755629-2973517856-2613117371-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Programme\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F875472-D613-4CC4-A80A-419BEBD24679}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31524F77-76B2-48CF-BB3D-C4A68474C4D0}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AA2FCDD-280C-4528-94B8-34C8F79AB563}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A26F4D1-A149-4531-93CF-EE3F9FFF61AF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D52E549D-CCED-4DE3-BC14-D1968D60CCFF}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.13 20:01:35 | 000,348,080 | R--- | M] (Konami Digital Entertainment Co., Ltd.) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2012.08.13 20:01:35 | 000,000,047 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{1404f470-07ee-11e2-8a54-8a81db4b384c}\Shell - "" = AutoRun
O33 - MountPoints2\{1404f470-07ee-11e2-8a54-8a81db4b384c}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{3551e1b0-11ed-11e2-8062-00059a3c7a00}\Shell - "" = AutoRun
O33 - MountPoints2\{3551e1b0-11ed-11e2-8062-00059a3c7a00}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{83a7ecfc-4326-11e1-a8b7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{83a7ecfc-4326-11e1-a8b7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2012.08.13 20:01:35 | 000,348,080 | R--- | M] (Konami Digital Entertainment Co., Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.02 23:51:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe
[2013.04.02 23:45:39 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Programs
[2013.04.02 18:21:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2013.04.01 23:07:51 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\Aem 16 & Apfel - 16 Äpfel
[2013.04.01 22:31:12 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\Waldo the Funk - Toykis EP (2013)
[2013.04.01 22:31:06 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\Damion Davis - Schön Dich zu sehen
[2013.03.29 22:22:17 | 000,000,000 | R--D | C] -- C:\Users\Tobias\Documents\Ubisoft
[2013.03.29 22:12:01 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Ubisoft Game Launcher
[2013.03.29 21:53:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2013.03.29 21:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.03.29 21:51:47 | 000,804,384 | ---- | C] (Firelight Technologies) -- C:\Windows\SysWow64\fmodex.dll
[2013.03.29 21:51:47 | 000,312,864 | ---- | C] (Firelight Technologies) -- C:\Windows\SysWow64\fmod_event.dll
[2013.03.29 21:26:22 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Documents\Amazon Downloader Logs
[2013.03.19 11:05:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.19 10:53:02 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.03.19 10:53:02 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.03.19 10:53:02 | 017,987,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.03.19 10:53:02 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.03.19 10:53:02 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013.03.19 10:53:02 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.03.19 10:53:02 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.03.19 10:53:02 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.03.19 10:53:02 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.03.19 10:53:02 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.03.19 10:53:02 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.03.19 10:53:02 | 002,528,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.03.19 10:53:02 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.03.19 10:53:02 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.03.19 10:53:02 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll
[2013.03.19 10:53:02 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll
[2013.03.19 10:53:02 | 000,963,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.03.19 10:53:02 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.03.19 10:53:02 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.03.18 21:24:16 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.18 21:24:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.18 21:24:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.18 21:24:08 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.18 21:24:08 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.18 21:24:08 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.18 21:24:08 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.18 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013.04.03 00:11:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.02 23:51:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe
[2013.04.02 23:45:51 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.02 23:43:38 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 23:43:38 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.02 23:40:40 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.02 23:40:40 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.02 23:40:40 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.02 23:40:40 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.02 23:40:40 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.02 23:36:36 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.04.02 23:36:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.02 23:36:03 | 2082,349,055 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.02 20:10:41 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.02 20:10:41 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.02 20:10:16 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.03.31 18:30:55 | 000,001,051 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.03.28 21:37:41 | 000,002,408 | ---- | M] () -- C:\{7FB15CED-5F22-4FD2-9F60-DD8FBB53D11A}
[2013.03.28 21:37:40 | 000,024,344 | ---- | M] () -- C:\{C9383B08-FAC8-4C5E-BAC4-06EE11A962B9}
[2013.03.25 08:50:03 | 244,475,106 | ---- | M] () -- C:\Users\Tobias\Desktop\Californication.S06E11.HDTV.XviD-AFG.avi
[2013.03.21 13:35:10 | 004,013,788 | ---- | M] () -- C:\Users\Tobias\Desktop\EFT Klausurvorbereitung SS 2012.pdf
[2013.03.19 11:28:08 | 001,834,970 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\Cat.DB
[2013.03.19 10:48:03 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\VT20130115.021
[2013.03.18 22:11:14 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.18 22:11:14 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.18 10:50:44 | 244,154,368 | ---- | M] () -- C:\Users\Tobias\Desktop\Californication.S06E10.HDTV.XviD-TVSR.avi
[2013.03.11 07:34:40 | 245,748,730 | ---- | M] () -- C:\Users\Tobias\Desktop\Californication.S06E09.HDTV.XviD-AFG.avi
[2013.03.04 09:10:58 | 249,639,626 | ---- | M] () -- C:\Users\Tobias\Desktop\Californication.S06E08.HDTV.XviD-AFG.avi
========== Files Created - No Company Name ==========
[2013.04.02 23:45:51 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.28 21:37:40 | 000,024,344 | ---- | C] () -- C:\{C9383B08-FAC8-4C5E-BAC4-06EE11A962B9}
[2013.03.28 21:37:40 | 000,002,408 | ---- | C] () -- C:\{7FB15CED-5F22-4FD2-9F60-DD8FBB53D11A}
[2013.03.26 11:34:51 | 244,475,106 | ---- | C] () -- C:\Users\Tobias\Desktop\Californication.S06E11.HDTV.XviD-AFG.avi
[2013.03.25 18:28:00 | 244,154,368 | ---- | C] () -- C:\Users\Tobias\Desktop\Californication.S06E10.HDTV.XviD-TVSR.avi
[2013.03.21 13:35:06 | 004,013,788 | ---- | C] () -- C:\Users\Tobias\Desktop\EFT Klausurvorbereitung SS 2012.pdf
[2013.03.21 00:23:24 | 245,748,730 | ---- | C] () -- C:\Users\Tobias\Desktop\Californication.S06E09.HDTV.XviD-AFG.avi
[2013.03.20 18:08:45 | 249,639,626 | ---- | C] () -- C:\Users\Tobias\Desktop\Californication.S06E08.HDTV.XviD-AFG.avi
[2013.03.20 17:48:11 | 237,495,750 | ---- | C] () -- C:\Users\Tobias\Desktop\Californication.S06E07.HDTV.XviD-AFG.avi
[2012.10.16 19:35:06 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.09.21 19:40:47 | 000,003,400 | ---- | C] () -- C:\Users\Tobias\unigine_20120921_1940.html
[2012.09.21 19:11:17 | 000,003,072 | ---- | C] () -- C:\Users\Tobias\AppData\Local\file__0.localstorage
[2012.08.05 21:33:32 | 000,002,169 | ---- | C] () -- C:\Windows\XENcfg.ini
[2012.08.05 21:33:32 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2012.08.05 21:33:30 | 000,186,880 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.08.05 21:33:30 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.01.23 22:49:27 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.20 23:34:20 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.01.20 23:34:17 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.01.20 19:21:48 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.01.20 00:54:02 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012.01.20 00:52:13 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.01.20 00:52:13 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.01.20 00:52:13 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.01.20 00:52:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.01.20 00:52:13 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.01.20 00:49:55 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.04.20 16:20:11 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\.minecraft
[2012.11.20 11:15:17 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\2K Sports
[2013.04.02 23:37:19 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Dropbox
[2012.01.25 20:26:49 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoft
[2012.01.25 20:26:16 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.01.12 19:58:30 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\ICQ
[2012.12.18 14:55:42 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Leadertech
[2012.04.16 23:43:54 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Notepad++
[2012.11.30 14:27:26 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Origin
[2012.09.15 10:36:18 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Rainmeter
[2013.02.14 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Secure Soft
[2012.01.23 17:51:57 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\Splashtop
[2013.04.02 20:21:03 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\TS3Client
[2012.07.11 20:17:12 | 000,000,000 | ---D | M] -- C:\Users\Tobias\AppData\Roaming\ts3overlay
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 161 bytes -> C:\Users\Tobias\Desktop\Californication.S06E07.HDTV.XviD-AFG.avi:com.dropbox.attributes
@Alternate Data Stream - 160 bytes -> C:\Users\Tobias\Desktop\Californication.S06E08.HDTV.XviD-AFG.avi:com.dropbox.attributes
< End of report >
|
und Extras: Zitat:
OTL Extras logfile created on: 03.04.2013 00:29:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobias\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,92 Gb Total Physical Memory | 4,92 Gb Available Physical Memory | 62,16% Memory free
15,84 Gb Paging File | 12,78 Gb Available in Paging File | 80,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,54 Gb Total Space | 242,35 Gb Free Space | 34,69% Space Free | Partition Type: NTFS
Drive D: | 6,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: RETROGOTT | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA099D5-8B44-4DF2-B6D5-EA8B45EA2228}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0AA40045-75BA-44D4-AB13-EB1AE7AD057E}" = lport=445 | protocol=6 | dir=in | app=system |
"{34E969F1-CBDD-48B6-9900-75EFFFFB4BED}" = rport=137 | protocol=17 | dir=out | app=system |
"{4852ECE7-7266-47A1-9853-B94AB81F476A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{52D1CD17-C06E-47ED-BC59-780B5D02D7AE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{52E3D506-7370-46BD-86C5-D68756F39004}" = rport=138 | protocol=17 | dir=out | app=system |
"{542D9AD1-C2A7-4FF5-B257-85D8C7BD0D5C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55141914-6089-4C01-9ACB-90FC4B3E048D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{567B91B1-8C33-4B70-84D3-619B310C3CAA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{640975BC-5747-4A84-8FDC-CDBEBCE9FDA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66C67F0E-E846-43BA-828F-7EAD4D28C409}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8BA49D41-0C63-4DD4-AE66-9FF8A75141FB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D35192D-60C1-4391-8DFB-A6E725359B5B}" = lport=138 | protocol=17 | dir=in | app=system |
"{A127FB58-BCD4-4898-AA35-785FA8658E34}" = lport=137 | protocol=17 | dir=in | app=system |
"{AB4C183E-B07B-4764-BFEE-DFB5FA74C6E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9D9B042-EF4B-4507-9F28-8216059E4D58}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3728786-0B4C-4305-A645-07034BEB5335}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C3F8AAC3-AED1-4A77-94C5-A6419A43A4C5}" = lport=139 | protocol=6 | dir=in | app=system |
"{D71A80A2-FF42-4DFE-861F-16AE379DACC6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D95D3BCA-093C-44CD-89F6-94C4A3BA1835}" = rport=445 | protocol=6 | dir=out | app=system |
"{E01EBD85-F019-4375-B453-75760DED71CD}" = rport=139 | protocol=6 | dir=out | app=system |
"{EFB8C349-DC9D-423B-9D07-8241F72AAC65}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F588CC-0AEA-46EC-B95B-65AF267EF51B}" = protocol=6 | dir=in | app=c:\program files (x86)\games\battlefield 3\battlefield 3\bf3.exe |
"{0AF27A67-E4A6-4162-A4EB-3CCDCA765286}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{0C41668F-4E17-4A31-808B-0F85D79E02B2}" = dir=in | app=c:\program files\eslwire\wire.exe |
"{0C7502B3-A00B-432F-ABCC-954AE0DD6C65}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nba2k13\nba2k13.exe |
"{0F0534AF-EBC4-46A0-BCB4-057D3E7EAE30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F13C19E-755B-419B-99CF-F231EC990315}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1E25C7DA-8C2F-4DFC-932B-CD3FF9E18E1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E7496D6-A85C-439E-B114-FCB4AE8A63B5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{27A6584D-8816-4934-B2FF-4B1B6FED630A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2A8EBF08-8EAC-477B-B997-9244694BBBBA}" = protocol=17 | dir=in | app=c:\program files (x86)\games\trials evolution\datapack\trialsfmx.exe |
"{2CC52EDC-038B-4EA3-B8D4-56DF5E99F03C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{30151E2C-A359-404C-8E17-69BC3D933EA2}" = protocol=6 | dir=in | app=c:\program files (x86)\games\bad company 2\bfbc2updater.exe |
"{3CC5AEF1-D58D-4984-8D04-7834F5444C99}" = dir=out | app=c:\program files\eslwire\wire.exe |
"{3EFCAF8E-421B-4B86-A8EA-CCD6B9A4509E}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"{41D5A072-4BA3-4009-8E30-BDAEE17F9A9A}" = protocol=6 | dir=in | app=c:\program files (x86)\games\battlefield 3\battlefield 3\bf3.exe |
"{4459564F-0825-4D5D-BF1E-5E23A37437B2}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{47D5A422-91B3-4F46-83FD-A3CA85E73B3B}" = protocol=6 | dir=in | app=c:\program files (x86)\games\trials evolution\datapack\trialsfmx.exe |
"{4A2F1BAA-7C46-4BED-AC28-0B2B0B1AEE06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B7A0DD6-1348-4A6C-B40C-BD23C35F9E30}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4C5DA788-94FA-4223-9699-32B5D76AE9BE}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4D763FD1-554E-4C08-B9F0-58FC6388B1F9}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4DD9A1EA-1FBA-4E6A-82D2-B19532BD0EF3}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{54F54B58-742A-40C1-BE67-0FBE2F00C1CC}" = protocol=58 | dir=in | app=system |
"{60898F95-ACBE-4994-9722-42C048B401BB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{62F7944B-7462-46F0-BCA4-F44CDC9F4031}" = protocol=6 | dir=in | app=c:\program files (x86)\games\trials evolution\trials_launcher.exe |
"{654CF340-3516-4D08-9471-DA029BEBD70A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{69BF87C8-DB67-4518-A87A-F3133BF1F406}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{6AAF86E3-94D8-41B0-B686-D90C70A429BC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6C69E8B4-728A-4D42-B97C-CD72B7311A46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6CFDADA3-ECDC-427E-8CDE-FE5020AF13BC}" = protocol=17 | dir=in | app=c:\program files (x86)\games\bad company 2\bfbc2updater.exe |
"{6D1D4478-2E0C-4B47-B885-CB620D62D183}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6D2844F0-0708-4E6C-B9CC-B720E5BEDC88}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6ED2191E-04B7-42EA-9975-800E3C22262F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{764D9E1F-5CC8-4068-86B7-271588AE99EC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{77CFA0DF-24BA-4D7C-98F8-EE744F266AA6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7BEA3ED9-6330-430E-9341-3CB848ED135B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8313B911-9F83-4C24-83B8-50E9BA10C583}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8963A97F-2F2F-460D-8879-7754E6EA9E67}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{89995FCC-9506-4F7F-B1AD-65D824EAF31D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D69F56D-9506-4440-8946-B9A05F8706D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{911B302A-CB6F-4838-816B-289308DDF6BD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{9477494B-1141-4047-B9FA-804270724D39}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{954DF000-B0DB-4DF9-8B5B-4D44B5695B56}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{99BE536B-E082-4FB8-A2F6-E2E0B49C39D5}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9C824B53-BD1E-46AB-B7B6-3EC73F5C328A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{A4FE5B05-CDD9-4E94-86A4-632F00112164}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B442CDA4-7C3A-4661-8C83-33840E7ADBE7}" = protocol=6 | dir=in | app=c:\program files (x86)\games\pro evo 2012\pes2012.exe |
"{BE657DE3-4782-4D1D-9CD8-5FDD5B5501E2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{BEC16F42-5142-4E13-9535-2D2CDEEB725B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BF20EC16-EF9F-4CA0-AD7D-3ACE1D34798A}" = protocol=17 | dir=in | app=c:\program files (x86)\games\battlefield 3\battlefield 3\bf3.exe |
"{D07B692E-929E-4E9A-B732-3F5CDF048CE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D38AC147-2749-41C3-9F3C-F613C253D15C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D773D158-2461-4740-A0BD-0F3546F0A186}" = protocol=17 | dir=in | app=c:\program files (x86)\games\trials evolution\trials_launcher.exe |
"{DD11B754-7D8C-4390-90CF-BD281D460D7E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DDB68E21-6979-4E16-A62F-1D68ADFECA08}" = protocol=17 | dir=in | app=c:\program files (x86)\games\battlefield 3\battlefield 3\bf3.exe |
"{E26FBD54-DF93-402A-9347-0D41C32E0AC0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E5096782-40F4-4A61-9396-BFE8D8080335}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\nba2k13\nba2k13.exe |
"{E8A317CA-479C-4A1C-BBE0-473279CD4542}" = protocol=17 | dir=in | app=c:\program files (x86)\games\pro evo 2012\pes2012.exe |
"{EB9E1749-0BB6-4B72-941F-06C09BA0704A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F3BD2EA0-9235-4591-B97A-7BB46118D114}" = protocol=6 | dir=out | app=system |
"{F4F3D963-AE88-4F44-ACF7-5FC2DABFF0BC}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"{FAD6DBC6-345F-4A52-9CFB-8502C7A9570D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5866DD36-8055-475B-A5C3-82C04091D14E}" = BF3 Settings Editor
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.15
"Logitech Gaming Software" = Logitech Gaming Software 8.40
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"WinRAR archiver" = WinRAR 4.10 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07D857B8-C956-401D-BC8F-EDA8459AF037}" = Trials Evolution Gold Edition
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{2B7E4354-0492-460A-BDB1-1F59EE141025}" = AirPlus G
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B11.0512.1
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}" = Sound Blaster Tactic(3D) Sigma
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"ATC_is1" = Advanced Tactical Center™ 1.12
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battlelog Web Plugins" = Battlelog Web Plugins
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"CPUCooL" = CPUCooL (remove only)
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"HD Tune_is1" = HD Tune 2.55
"HDD Health_is1" = HDD Health v3.3 Beta
"ICQToolbar" = ICQ Toolbar
"InstallShield_{07D857B8-C956-401D-BC8F-EDA8459AF037}" = Trials Evolution Gold Edition
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0512.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"SearchProtect" = Search Protect by conduit
"Security Task Manager" = Security Task Manager 1.8d
"SopCast" = SopCast 3.5.0
"Steam App 219600" = NBA 2K13
"SysInfo" = Creative Systeminformationen
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"Uplay" = Uplay
"VLC media player" = VLC media player 1.1.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1134755629-2973517856-2613117371-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.03.2013 09:43:37 | Computer Name = Retrogott | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Name des fehlerhaften Moduls: bf3.exe, Version: 1.5.0.0, Zeitstempel:
0x50c39964 Ausnahmecode: 0xc0000005 Fehleroffset: 0x009e8e1a ID des fehlerhaften Prozesses:
0x4734 Startzeit der fehlerhaften Anwendung: 0x01ce1814bec44c87 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Games\Battlefield 3\Battlefield 3\bf3.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Games\Battlefield 3\Battlefield
3\bf3.exe Berichtskennung: 594f74ae-8408-11e2-8444-bc05430bf13a
Error - 29.03.2013 16:42:03 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:42:06 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:42:08 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:42:13 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:42:17 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:43:22 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:43:26 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:43:27 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 29.03.2013 16:43:28 | Computer Name = Retrogott | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Tobias\Desktop\COMPUTER_BILD_Download_Manager_fuer_xpadder.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 02.04.2013 17:36:23 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1655 Invoked Function: CSocketTransport: ostConnectProcessing Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp
Line:
1655 Invoked Function: CSocketTransport:ostConnectProcessing Return Code: -31588316
(0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
225 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 02.04.2013 17:36:31 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
Error - 02.04.2013 17:41:15 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 02.04.2013 17:41:15 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 02.04.2013 17:41:15 | Computer Name = Retrogott | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL
[ System Events ]
Error - 02.04.2013 16:52:27 | Computer Name = Retrogott | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 02.04.2013 17:02:41 | Computer Name = Retrogott | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Creative Audio Service" ist vom Dienst "Windows-Audio"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 02.04.2013 17:02:50 | Computer Name = Retrogott | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AppleCharger BHDrvx64 ccSet_N360 discache eeCtrl IDSVia64 ntiopnp spldr SRTSPX SymIRON SymNetS
Wanarpv6
Error - 02.04.2013 17:02:57 | Computer Name = Retrogott | Source = DCOM | ID = 10005
Description =
Error - 02.04.2013 17:03:03 | Computer Name = Retrogott | Source = DCOM | ID = 10005
Description =
Error - 02.04.2013 17:03:04 | Computer Name = Retrogott | Source = DCOM | ID = 10005
Description =
Error - 02.04.2013 17:03:04 | Computer Name = Retrogott | Source = DCOM | ID = 10005
Description =
Error - 02.04.2013 17:37:15 | Computer Name = Retrogott | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 02.04.2013 17:38:30 | Computer Name = Retrogott | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 02.04.2013 17:38:35 | Computer Name = Retrogott | Source = WMPNetworkSvc | ID = 866300
Description =
< End of report >
| Vorab schon mal : 
|
02.04.2013, 23:38
Baum-Darstellung