| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojan.Zeroaccess.C / Trojan.Zeroaccess!inf4Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.06.2013, 18:32
| #1 |
| |  Trojan.Zeroaccess.C / Trojan.Zeroaccess!inf4 Guten Tag zusammen, Mein Norton Antivirus muss alle 9min mehrere Angriffe von Trojan.Zeroaccess.C blockieren, leider entfernt es ihn nicht. Nach einen vollständigen Systemscan wird der Trojan.Zeroaccess!inf4 angezeigt, der ein Entfernen von Hand erfordert. An dieser Stelle erhoffe ich mir Hilfe von euch.  Ist mein Erster Post deshalb hoffe ich das alles richtig ist. OTL - Log Code:
ATTFilter OTL logfile created on: 29.06.2013 18:42:05 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,13% Memory free 6,00 Gb Paging File | 4,68 Gb Available in Paging File | 78,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 235,59 Gb Total Space | 60,48 Gb Free Space | 25,67% Space Free | Partition Type: NTFS Drive D: | 3,05 Gb Total Space | 2,96 Gb Free Space | 97,07% Space Free | Partition Type: NTFS Drive F: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive O: | 3,76 Gb Total Space | 1,44 Gb Free Space | 38,38% Space Free | Partition Type: FAT32 Drive P: | 203,76 Gb Total Space | 79,23 Gb Free Space | 38,88% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.29 18:40:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.25 14:24:08 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2012.12.25 14:23:40 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.11.19 19:27:22 | 000,017,408 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2009.08.18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.05.25 06:16:43 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.24 21:17:04 | 000,234,096 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe -- (SXDS10) SRV - [2013.03.21 16:04:53 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai) SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.25 14:24:08 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2012.12.25 14:23:40 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.09.15 12:06:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.07.17 16:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant) SRV - [2012.07.17 16:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe -- (NAV) SRV - [2012.01.05 17:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -- (AxAutoMntSrv) SRV - [2010.12.10 17:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.08 20:52:52 | 000,031,968 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.08.16 12:38:12 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.08.05 14:48:58 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2012.07.06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2012.07.06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\srtsp64.sys -- (SRTSP) DRV:64bit: - [2012.06.07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ccsetx64.sys -- (ccSet_NAV) DRV:64bit: - [2012.05.22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symefa64.sys -- (SymEFA) DRV:64bit: - [2012.04.18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symnets.sys -- (SymNetS) DRV:64bit: - [2012.04.18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\ironx64.sys -- (SymIRON) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.17 16:08:16 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys -- (WsAudioDevice_383S(1) DRV:64bit: - [2011.08.16 00:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1309010.00E\symds64.sys -- (SymDS) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2009.08.18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 00:49:16 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.06.10 22:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.07.26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:64bit: - [2008.07.26 15:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2008.07.26 15:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) DRV:64bit: - [2008.07.26 15:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64) DRV - [2013.06.25 21:52:16 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130628.024\ex64.sys -- (NAVEX15) DRV - [2013.06.25 21:52:16 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130628.024\eng64.sys -- (NAVENG) DRV - [2013.05.31 18:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20130620.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2013.03.15 21:42:49 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012.12.29 17:59:26 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012.09.14 20:22:46 | 000,040,672 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\CESG502.SYS -- (PVUSB) DRV - [2012.09.06 04:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20130628.001\IDSviA64.sys -- (IDSVia64) DRV - [2012.07.24 11:39:42 | 000,108,648 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\SleeN1864.sys -- (SLEE_18_DRIVER) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ts=1366862460354&tguid=43169-3580-1366830858932-487644&st=chrome&q= IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Delta Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: false FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927" FF - prefs.js..extensions.enabledAddons: escamod%40gmx.net0002:2.0 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.9 FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..keyword.URL: "hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=2.9&ts=1368309633604&tguid=43169-3580-1368309633604-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn\ [2012.08.05 14:49:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.16 18:52:16 | 000,000,000 | ---D | M] [2012.07.24 09:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2013.06.29 18:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\my4md3vw.default\extensions [2013.03.24 10:26:34 | 000,103,962 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\extensions\escamod@gmx.net0002.xpi [2013.05.24 11:06:43 | 000,269,448 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012.07.26 00:05:18 | 000,002,558 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\searchplugins\aol-search.xml [2013.06.29 00:26:01 | 000,006,545 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\searchplugins\babylon.xml [2013.06.29 00:26:29 | 000,001,294 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\searchplugins\delta.xml [2013.05.12 00:01:13 | 000,003,320 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\my4md3vw.default\searchplugins\Web Search.xml [2013.06.29 00:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions [2013.05.25 06:16:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013.05.25 06:16:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.08.05 14:49:05 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPLGN [2013.05.12 00:01:13 | 000,003,320 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml ========== Chrome ========== CHR - default_search_provider: Babylon (Enabled) CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_din2g&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=FAB406195B747D79&affID=119357&tt=250613_gr5&tsp=4927 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - Extension: Delta Toolbar = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\ CHR - Extension: Plus-HD-2.2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.23.10_0\crossrider CHR - Extension: Plus-HD-2.2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.23.10_0\ CHR - Extension: Plus-HD-2.2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.23.6_0\crossrider CHR - Extension: Plus-HD-2.2 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.23.6_0\ CHR - Extension: GoPhoto.it = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\ O1 HOSTS File: ([2012.11.30 11:55:27 | 000,000,937 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com O1 - Hosts: 127.0.0.1 oscount.techsmith.com O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Plus-HD-2.2) - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll (Plus HD) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [SAFE2012 File Redirection Starter] C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe (Steganos Software GmbH) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4345968-D09F-4ABA-83DC-AF265F95C9E6}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6B6DDD5-D6B1-494B-9CFA-4CDE2DC925C7}: DhcpNameServer = 192.168.1.1 192.168.123.254 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.07.28 10:00:55 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{41f615c1-f136-11e1-a701-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{41f615c1-f136-11e1-a701-806e6f6e6963}\Shell\AutoRun\command - "" = N:\setup.exe O33 - MountPoints2\{5732ed07-2b4c-11e2-9968-0019db80cb1b}\Shell - "" = AutoRun O33 - MountPoints2\{5732ed07-2b4c-11e2-9968-0019db80cb1b}\Shell\AutoRun\command - "" = L:\AutoRun.exe O33 - MountPoints2\{5732ed14-2b4c-11e2-9968-0019db80cb1b}\Shell - "" = AutoRun O33 - MountPoints2\{5732ed14-2b4c-11e2-9968-0019db80cb1b}\Shell\AutoRun\command - "" = L:\AutoRun.exe O33 - MountPoints2\{dbd08d87-d560-11e1-a522-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{dbd08d87-d560-11e1-a522-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2010.08.11 06:51:04 | 000,349,992 | R--- | M] (Valve Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.29 18:40:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2013.06.29 03:00:12 | 000,027,256 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\FixZeroAccess.sys [2013.06.29 02:09:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\MinMaxGames [2013.06.29 01:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\dumps [2013.06.29 01:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2013.06.29 01:49:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2013.06.29 00:26:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender [2013.06.29 00:26:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2013.06.29 00:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.06.29 00:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta [2013.06.29 00:26:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Delta [2013.06.29 00:25:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Babylon [2013.06.27 13:22:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\LogMeIn Hamachi [2013.06.27 13:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.06.27 13:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.06.27 13:11:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\.technic [2013.06.27 13:11:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\.minecraft [2013.06.23 21:01:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\DownloadGuide [2013.06.17 20:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.06.17 18:58:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Wondershare [2013.06.09 19:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2 [2013.06.09 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2 [2013.06.09 06:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [2013.06.09 06:38:32 | 000,029,288 | ---- | C] (Wondershare) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys [2013.06.09 06:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wondershare [2013.06.09 06:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it [2013.06.07 00:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.2 [2013.06.03 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\TrackMania [2013.06.03 09:23:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania [2013.06.02 21:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0 [2013.06.02 21:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 2.0 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.29 18:40:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2013.06.29 18:33:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120000741-3036561441-1105448708-1000UA.job [2013.06.29 18:29:32 | 000,001,828 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job [2013.06.29 18:27:47 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job [2013.06.29 18:27:02 | 000,001,902 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-chromeinstaller.job [2013.06.29 18:27:02 | 000,001,192 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-updater.job [2013.06.29 18:27:01 | 000,001,196 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-codedownloader.job [2013.06.29 18:27:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-enabler.job [2013.06.29 18:06:36 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.29 18:06:36 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.29 17:59:42 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.29 17:59:42 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2013.06.29 17:59:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.29 17:58:51 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2013.06.29 17:57:00 | 000,000,020 | ---- | M] () -- C:\Users\User\defogger_reenable [2013.06.29 17:56:28 | 000,050,477 | ---- | M] () -- C:\Users\User\Desktop\Defogger.exe [2013.06.29 17:52:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.29 08:38:40 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1120000741-3036561441-1105448708-1000Core.job [2013.06.29 03:00:12 | 000,027,256 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\FixZeroAccess.sys [2013.06.29 02:08:54 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat [2013.06.29 02:04:08 | 000,000,222 | ---- | M] () -- C:\Users\User\Desktop\Space Pirates and Zombies.url [2013.06.29 01:49:24 | 000,000,877 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2013.06.29 00:27:45 | 000,002,001 | ---- | M] () -- C:\Users\User\Desktop\JDownloader.lnk [2013.06.27 13:20:17 | 000,000,886 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2013.06.27 13:12:52 | 001,686,712 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.27 13:12:52 | 000,725,766 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.27 13:12:52 | 000,675,080 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.27 13:12:52 | 000,160,110 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.27 13:12:52 | 000,129,592 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.27 09:43:13 | 000,007,605 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg [2013.06.21 16:19:12 | 003,020,770 | ---- | M] () -- C:\Users\User\Desktop\TechnicLauncher(1).exe [2013.06.11 16:17:58 | 000,001,003 | ---- | M] () -- C:\Users\User\Desktop\AdvanceMap.exe.lnk [2013.06.09 19:20:57 | 000,001,049 | ---- | M] () -- C:\Users\User\Desktop\Cheat Engine.lnk [2013.06.09 06:39:55 | 000,001,305 | ---- | M] () -- C:\Users\User\Desktop\Wondershare Streaming Audio Recorder.lnk [2013.06.09 06:23:15 | 005,662,891 | ---- | M] () -- C:\Users\User\Desktop\Wondershare Streaming Audio Recorder.rar [2013.06.07 16:38:46 | 000,412,357 | ---- | M] () -- C:\Users\User\Desktop\HalleBewerbung.xps [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.29 17:56:59 | 000,000,020 | ---- | C] () -- C:\Users\User\defogger_reenable [2013.06.29 17:56:26 | 000,050,477 | ---- | C] () -- C:\Users\User\Desktop\Defogger.exe [2013.06.29 02:08:54 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2013.06.29 02:04:08 | 000,000,222 | ---- | C] () -- C:\Users\User\Desktop\Space Pirates and Zombies.url [2013.06.29 01:49:24 | 000,000,877 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2013.06.29 00:27:45 | 000,002,001 | ---- | C] () -- C:\Users\User\Desktop\JDownloader.lnk [2013.06.29 00:27:33 | 000,001,965 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2013.06.29 00:27:32 | 000,001,909 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2013.06.29 00:27:31 | 000,001,888 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2013.06.27 13:20:15 | 000,000,886 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2013.06.27 12:54:23 | 003,020,770 | ---- | C] () -- C:\Users\User\Desktop\TechnicLauncher(1).exe [2013.06.27 09:43:13 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg [2013.06.17 20:47:36 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.17 20:47:35 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.11 16:17:58 | 000,001,003 | ---- | C] () -- C:\Users\User\Desktop\AdvanceMap.exe.lnk [2013.06.09 19:20:57 | 000,001,049 | ---- | C] () -- C:\Users\User\Desktop\Cheat Engine.lnk [2013.06.09 06:39:55 | 000,001,305 | ---- | C] () -- C:\Users\User\Desktop\Wondershare Streaming Audio Recorder.lnk [2013.06.07 16:38:41 | 000,412,357 | ---- | C] () -- C:\Users\User\Desktop\HalleBewerbung.xps [2013.06.07 00:27:48 | 000,001,192 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-updater.job [2013.06.07 00:27:43 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-enabler.job [2013.06.07 00:27:27 | 000,001,196 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-codedownloader.job [2013.06.07 00:27:11 | 000,001,828 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job [2013.06.07 00:27:05 | 000,001,902 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-chromeinstaller.job [2013.06.07 00:26:45 | 005,662,891 | ---- | C] () -- C:\Users\User\Desktop\Wondershare Streaming Audio Recorder.rar [2013.05.05 22:07:55 | 000,030,148 | ---- | C] () -- C:\Users\User\AppData\Local\3LB_Marketing-(eActivity)-4.xcp [2013.05.05 22:07:55 | 000,020,635 | ---- | C] () -- C:\Users\User\AppData\Local\InfDeKurs-(eActivity)-1.xcp [2013.05.05 22:07:55 | 000,014,817 | ---- | C] () -- C:\Users\User\AppData\Local\2LB_KTR_BAB-(eActivity)-4.xcp [2013.05.05 22:07:55 | 000,014,195 | ---- | C] () -- C:\Users\User\AppData\Local\AG-VBR-(eActivity)-1.xcp [2013.05.05 22:07:55 | 000,013,299 | ---- | C] () -- C:\Users\User\AppData\Local\5LV_VWLA-(eActivity)-3.xcp [2013.05.05 22:07:55 | 000,010,151 | ---- | C] () -- C:\Users\User\AppData\Local\1LB_PF-(eActivity)-3.xcp [2013.05.05 22:07:55 | 000,009,605 | ---- | C] () -- C:\Users\User\AppData\Local\Fremdfinanzierung-(eActivity)-1.xcp [2013.05.05 22:07:55 | 000,007,836 | ---- | C] () -- C:\Users\User\AppData\Local\X-tras-(eActivity)-4.xcp [2013.05.05 22:07:55 | 000,006,782 | ---- | C] () -- C:\Users\User\AppData\Local\Kanaly-(eActivity)-1.xcp [2013.05.05 22:07:55 | 000,005,731 | ---- | C] () -- C:\Users\User\AppData\Local\KG-VBR-(eActivity)-1.xcp [2013.05.05 22:07:55 | 000,005,153 | ---- | C] () -- C:\Users\User\AppData\Local\Kennz-(eActivity)-1.xcp [2013.05.05 16:57:07 | 000,027,045 | ---- | C] () -- C:\Users\User\AppData\Local\3LB_Marketing-(eActivity)-3.xcp [2013.05.05 16:57:07 | 000,020,635 | ---- | C] () -- C:\Users\User\AppData\Local\InfDeKurs-(eActivity).xcp [2013.05.05 16:57:07 | 000,014,195 | ---- | C] () -- C:\Users\User\AppData\Local\AG-VBR-(eActivity).xcp [2013.05.05 16:57:07 | 000,013,299 | ---- | C] () -- C:\Users\User\AppData\Local\5LV_VWLA-(eActivity)-2.xcp [2013.05.05 16:57:07 | 000,012,221 | ---- | C] () -- C:\Users\User\AppData\Local\2LB_KTR_BAB-(eActivity)-3.xcp [2013.05.05 16:57:07 | 000,009,605 | ---- | C] () -- C:\Users\User\AppData\Local\Fremdfinanzierung-(eActivity).xcp [2013.05.05 16:57:07 | 000,008,377 | ---- | C] () -- C:\Users\User\AppData\Local\1LB_PF-(eActivity)-2.xcp [2013.05.05 16:57:07 | 000,005,731 | ---- | C] () -- C:\Users\User\AppData\Local\KG-VBR-(eActivity).xcp [2013.05.05 16:57:07 | 000,005,667 | ---- | C] () -- C:\Users\User\AppData\Local\Kanaly-(eActivity).xcp [2013.05.05 16:57:07 | 000,005,153 | ---- | C] () -- C:\Users\User\AppData\Local\Kennz-(eActivity).xcp [2013.05.05 16:57:07 | 000,004,652 | ---- | C] () -- C:\Users\User\AppData\Local\VBRVP-(eActivity).xcp [2013.05.05 16:57:07 | 000,004,152 | ---- | C] () -- C:\Users\User\AppData\Local\X-tras-(eActivity)-3.xcp [2013.04.25 15:19:51 | 000,006,594 | ---- | C] () -- C:\Users\User\AppData\Local\X-Tras-(eActivity)-2.xcp [2013.04.25 15:16:19 | 000,001,907 | ---- | C] () -- C:\Users\User\AppData\Local\X-tras-(eActivity)-1.xcp [2013.04.25 06:35:56 | 000,014,431 | ---- | C] () -- C:\Users\User\AppData\Local\Verteilungen-(eActivity)-1.xcp [2013.04.25 06:34:33 | 000,002,259 | ---- | C] () -- C:\Users\User\AppData\Local\DifIntr-(eActivity).xcp [2013.04.25 06:34:28 | 000,014,297 | ---- | C] () -- C:\Users\User\AppData\Local\Verteilungen-(eActivity).xcp [2013.04.25 06:34:26 | 000,009,371 | ---- | C] () -- C:\Users\User\AppData\Local\MatrizenVektor-(eActivity).xcp [2013.04.24 21:14:36 | 000,017,408 | ---- | C] () -- C:\Windows\Launcher.exe [2013.04.14 19:39:54 | 000,877,747 | ---- | C] () -- C:\Users\User\AppData\Local\Tempmusic.ogg [2013.04.13 17:51:37 | 000,017,408 | ---- | C] () -- C:\Users\User\AppData\Local\WebpageIcons.db [2013.03.23 17:42:33 | 000,098,304 | ---- | C] () -- C:\Windows\Lavish.dll [2013.03.15 14:52:44 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat [2013.03.14 22:14:55 | 000,012,221 | ---- | C] () -- C:\Users\User\AppData\Local\2LB_KTR_BAB-(eActivity)-2.xcp [2013.03.14 22:11:11 | 000,024,544 | ---- | C] () -- C:\Users\User\AppData\Local\3LB_Marketing-(eActivity)-2.xcp [2013.03.14 22:11:11 | 000,013,299 | ---- | C] () -- C:\Users\User\AppData\Local\5LV_VWLA-(eActivity)-1.xcp [2013.03.14 22:11:11 | 000,012,059 | ---- | C] () -- C:\Users\User\AppData\Local\2LB_KTR_BAB-(eActivity)-1.xcp [2013.03.14 22:11:11 | 000,008,377 | ---- | C] () -- C:\Users\User\AppData\Local\1LB_PF-(eActivity)-1.xcp [2013.03.14 22:11:11 | 000,001,907 | ---- | C] () -- C:\Users\User\AppData\Local\X-tras-(eActivity).xcp [2013.03.14 20:46:09 | 000,013,287 | ---- | C] () -- C:\Users\User\AppData\Local\5LV_VWLA-(eActivity).xcp [2013.03.14 17:45:24 | 000,024,535 | ---- | C] () -- C:\Users\User\AppData\Local\3LB_Marketing-(eActivity)-1.xcp [2013.03.14 17:44:58 | 000,024,535 | ---- | C] () -- C:\Users\User\AppData\Local\3LB_Marketing-(eActivity).xcp [2013.03.14 17:44:46 | 000,024,535 | ---- | C] () -- C:\Users\User\AppData\Local\LB3_Marketing-(eActivity).xcp [2013.03.10 22:00:53 | 000,000,879 | ---- | C] () -- C:\Users\User\AppData\Local\Mathhh-(eActivity)-1.xcp [2013.03.10 21:54:46 | 000,000,824 | ---- | C] () -- C:\Users\User\AppData\Local\Mathhh-(eActivity).xcp [2013.03.10 16:16:16 | 000,011,981 | ---- | C] () -- C:\Users\User\AppData\Local\2LB_KTR_BAB-(eActivity).xcp [2013.03.10 12:29:02 | 000,008,368 | ---- | C] () -- C:\Users\User\AppData\Local\1LB_PF-(eActivity).xcp [2013.02.28 22:36:26 | 000,010,779 | ---- | C] () -- C:\Users\User\AppData\Local\MatheLk-(eActivity).xcp [2013.01.25 19:47:36 | 000,151,040 | ---- | C] () -- C:\Windows\SysWow64\lua51_win32.dll [2013.01.25 19:45:00 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2013.01.25 19:31:50 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll [2013.01.22 08:36:41 | 000,000,527 | ---- | C] () -- C:\Users\User\AppData\Local\MatheStochastik-(eActivity)-1.xcp [2013.01.22 08:35:56 | 000,000,527 | ---- | C] () -- C:\Users\User\AppData\Local\MatheStochastik-(eActivity).xcp [2013.01.09 08:13:15 | 000,003,396 | ---- | C] () -- C:\Users\User\AppData\Local\Schnell-(eActivity).xcp [2013.01.02 19:36:52 | 000,018,240 | ---- | C] () -- C:\Users\User\AppData\Local\Kenz erweitert-(eActivity)-1.xcp [2013.01.02 19:36:52 | 000,002,832 | ---- | C] () -- C:\Users\User\AppData\Local\VBR 13 IIHJ-(eActivity)-1.xcp [2013.01.02 19:36:29 | 000,018,240 | ---- | C] () -- C:\Users\User\AppData\Local\Kenz erweitert-(eActivity).xcp [2013.01.02 19:36:29 | 000,017,572 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-7.xcp [2013.01.02 19:36:29 | 000,016,685 | ---- | C] () -- C:\Users\User\AppData\Local\VBR IHJ IIKl-(eActivity)-2.xcp [2013.01.02 19:36:29 | 000,002,832 | ---- | C] () -- C:\Users\User\AppData\Local\VBR 13 IIHJ-(eActivity).xcp [2012.12.25 14:27:31 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat [2012.12.25 14:23:57 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.12.25 14:23:40 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012.12.25 14:23:40 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.12.25 14:22:35 | 001,564,734 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.12.16 10:59:37 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin [2012.12.05 07:26:19 | 000,065,536 | -H-- | C] () -- C:\Windows\SysWow64\WebCamLib.dll [2012.12.02 23:37:23 | 000,017,051 | ---- | C] () -- C:\Users\User\AppData\Local\VBR IHJ IIKl-(eActivity)-1.xcp [2012.12.02 14:09:25 | 000,016,685 | ---- | C] () -- C:\Users\User\AppData\Local\VBR IHJ IIKl-(eActivity).xcp [2012.10.04 07:14:06 | 000,017,572 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-6.xcp [2012.09.24 07:15:36 | 000,017,585 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-5.xcp [2012.09.24 07:15:13 | 000,017,585 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-4.xcp [2012.09.24 07:14:26 | 000,017,585 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-3.xcp [2012.09.16 21:14:18 | 000,013,385 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-2.xcp [2012.09.16 21:14:07 | 000,013,385 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity)-1.xcp [2012.09.15 16:01:49 | 000,011,757 | ---- | C] () -- C:\Users\User\AppData\Local\VBR AG-(eActivity).xcp [2012.07.24 09:55:49 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2012.07.24 09:28:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== ZeroAccess Check ========== [2011.11.17 08:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{055f4c1c-872b-46b6-5346-27841acd03f3}\@ [2011.11.17 08:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{055f4c1c-872b-46b6-5346-27841acd03f3}\L [2013.06.29 18:46:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{055f4c1c-872b-46b6-5346-27841acd03f3}\U [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [2013.06.29 17:59:02 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini [2013.06.29 17:59:02 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.06.27 13:11:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft [2013.06.27 13:12:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.technic [2012.12.05 07:26:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Apowersoft [2013.06.09 07:00:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo [2013.06.29 00:25:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon [2012.08.28 19:22:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canneverbe Limited [2013.06.29 00:26:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Delta [2013.03.15 13:55:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dwarfs [2013.02.07 14:21:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Firefly Studios [2012.12.02 13:38:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GlarySoft [2012.12.24 10:48:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IObit [2013.01.10 01:19:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Langenscheidt [2012.11.29 12:04:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Load [2012.12.08 09:47:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MAGIX [2013.06.29 02:09:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MinMaxGames [2012.12.28 14:08:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDF Experte 8 [2013.04.24 21:14:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SimplyTech [2013.06.29 01:51:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Spotify [2013.01.21 17:05:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Steganos [2012.11.21 14:07:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\temp [2012.07.24 10:07:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software [2013.04.05 10:34:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ubisoft [2013.04.05 10:26:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Auto Shutdown [2013.06.29 18:00:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Care 365 [2013.05.07 00:14:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Game Booster [2013.04.05 11:34:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Uninstaller [2013.06.17 18:58:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wondershare [2012.12.20 16:19:01 | 000,000,000 | -HSD | M] -- C:\Users\User\AppData\Roaming\wyUpdate AU ========== Purity Check ========== ========== Files - Unicode (All) ========== [2013.04.01 18:29:08 | 000,030,109 | ---- | M] ()(C:\Users\User\Desktop\??? ?????.docx) -- C:\Users\User\Desktop\Моя Семья.docx [2013.03.28 23:01:00 | 000,030,109 | ---- | C] ()(C:\Users\User\Desktop\??? ?????.docx) -- C:\Users\User\Desktop\Моя Семья.docx < End of report > Code:
ATTFilter OTL Extras logfile created on: 29.06.2013 18:42:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,13% Memory free
6,00 Gb Paging File | 4,68 Gb Available in Paging File | 78,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 235,59 Gb Total Space | 60,48 Gb Free Space | 25,67% Space Free | Partition Type: NTFS
Drive D: | 3,05 Gb Total Space | 2,96 Gb Free Space | 97,07% Space Free | Partition Type: NTFS
Drive F: | 3,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive O: | 3,76 Gb Total Space | 1,44 Gb Free Space | 38,38% Space Free | Partition Type: FAT32
Drive P: | 203,76 Gb Total Space | 79,23 Gb Free Space | 38,88% Space Free | Partition Type: NTFS
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56403FFF-145E-35C5-A090-96598BE57FB8}" = Microsoft Visual Basic 2008 Express Edition - DEU
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5E6EC4DD-7B1F-4E10-82B9-EA1B90791031}" = Nero 8
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6910C412-A523-493C-BC22-0213CD7F4F3A}" = IndustrieGigant 2 - Gold Edition
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F1D4E2A-4F74-4BD7-97B0-72C5C7BECB00}" = S4 League_EU
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB2B4C2B-0805-4E06-873D-CECB046A5BE8}" = Camtasia Studio 8
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D06737BC-9887-46E0-A203-29D7FE756019}" = ClassPad Manager v3 Professional
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D922EF97-6657-3075-BC93-A6CF59444E84}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.13
"{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
"{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1" = Screen Recording Suite V2.5.0
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}" = Steganos Safe 2012
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = PDF Experte 8 Ultimate
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Akamai" = Akamai NetSession Interface Service
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CINEMA 4D Release 11" = CINEMA 4D Release 11
"DAEMON Tools Lite" = DAEMON Tools Lite
"delta" = Delta toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 3.0.1
"Fraps" = Fraps (remove only)
"Glary Utilities_is1" = Glary Utilities Pro 2.50.0.1632
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2008 Express Edition - DEU" = Microsoft Visual Basic 2008 Express Edition - DEU
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library für Microsoft Visual Studio 2008 Express Editions
"NAV" = Norton AntiVirus
"Plus-HD-2.2" = Plus-HD-2.2
"Project 64_is1" = Project 64 version 2.0.0.14
"PunkBusterSvc" = PunkBuster Services
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Steam App 107200" = Space Pirates and Zombies
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.2
"WinLems_is1" = WinLems 1.24
"WinLiveSuite" = Windows Live Essentials
"Wise Auto Shutdown_is1" = Wise Auto Shutdown 1.13
"Wise Game Booster_is1" = Wise Game Booster 1.12
"Wise Program Uninstaller_is1" = Wise Program Uninstaller 1.24
"Wondershare Streaming Audio Recorder_is1" = Wondershare Streaming Audio Recorder(Build 2.0.2.3)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.06.2013 03:43:42 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: S4Client.exe, Version: 0.8.32.2091,
Zeitstempel: 0x51b69462 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011eeb ID des fehlerhaften
Prozesses: 0x10e0 Startzeit der fehlerhaften Anwendung: 0x01ce730a0a78afb4 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\S4Client.exe Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
495d80b0-defd-11e2-bd0b-0019db80cb1b
Error - 27.06.2013 03:50:20 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: S4Client.exe, Version: 0.8.32.2091,
Zeitstempel: 0x51b69462 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011eeb ID des fehlerhaften
Prozesses: 0x135c Startzeit der fehlerhaften Anwendung: 0x01ce730af6c48ac2 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\S4Client.exe Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
36f651cf-defe-11e2-bc90-0019db80cb1b
Error - 27.06.2013 03:54:36 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: S4Client.exe, Version: 0.8.32.2091,
Zeitstempel: 0x51b69462 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00011eeb ID des fehlerhaften
Prozesses: 0xa3c Startzeit der fehlerhaften Anwendung: 0x01ce730b8fc86d5f Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\S4Client.exe Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
cf737707-defe-11e2-bc90-0019db80cb1b
Error - 27.06.2013 07:33:14 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,
Zeitstempel: 0x518ec3cc Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,
Zeitstempel: 0x518ec306 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9789 ID des fehlerhaften
Prozesses: 0x940 Startzeit der fehlerhaften Anwendung: 0x01ce7329f7e37d4e Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
5a138d36-df1d-11e2-bc90-0019db80cb1b
Error - 28.06.2013 19:48:40 | Computer Name = User-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service
BrowserDefendert since QueryServiceConfig API failed System Error: Das System kann
die angegebene Datei nicht finden. .
Error - 28.06.2013 20:13:41 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 21.0.0.4879,
Zeitstempel: 0x518ec367 Name des fehlerhaften Moduls: mozalloc.dll, Version: 21.0.0.4879,
Zeitstempel: 0x518eaa4a Ausnahmecode: 0x80000003 Fehleroffset: 0x00001988 ID des fehlerhaften
Prozesses: 0x1694 Startzeit der fehlerhaften Anwendung: 0x01ce745a8893f476 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll Berichtskennung:
c0a10701-e050-11e2-bc90-0019db80cb1b
Error - 28.06.2013 20:41:06 | Computer Name = User-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service
BrowserDefendert since QueryServiceConfig API failed System Error: Das System kann
die angegebene Datei nicht finden. .
Error - 28.06.2013 21:56:48 | Computer Name = User-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 28.06.2013 21:56:49 | Computer Name = User-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 28.06.2013 21:56:49 | Computer Name = User-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
[ OSession Events ]
Error - 26.02.2013 15:24:36 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12888
seconds with 540 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.06.2013 01:48:19 | Computer Name = User-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 29.06.2013 01:48:19 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
Error - 29.06.2013 11:59:02 | Computer Name = User-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.06.2013 11:59:02 | Computer Name = User-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.06.2013 11:59:12 | Computer Name = User-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 29.06.2013 11:59:14 | Computer Name = User-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 29.06.2013 11:59:24 | Computer Name = User-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 29.06.2013 11:59:26 | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 29.06.2013 11:59:50 | Computer Name = User-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 29.06.2013 11:59:50 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
< End of report >
|
| Themen zu Trojan.Zeroaccess.C / Trojan.Zeroaccess!inf4 |
| adobe reader xi, antivirus, bho, bonjour, browserdefendert, entfernen, error, excel, failed, firefox, flash player, format, gmx.net, google, helper, iexplore.exe, install.exe, logfile, mozilla, msvcr80.dll, msvcrt, object, pirates, plug-in, registry, richtlinie, rundll, security, server, software, spotify web helper, symantec, system error, teamspeak, third party, trojan.zeroaccess!inf4, trojan.zeroaccess.c, version., visual studio, windows |
Baum-Darstellung