Avira reports: 'TR/Crypt.ZPACK.Gen2' (Trojan) found
Good day,
I have had a small problem since this morning and hope someone can help me.
After switching on my PC this morning, Avira popped up with the message
"In der Datei 'C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MC1QVR01\readme[1].exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan] gefunden".
Since I was unsure, I tried to find something on the net and came across your site.
I have ("unfortunately?") already partly followed a set of instructions, namely the one in the thread by user Andy 163:
Scanned with Malwarebytes using the current update and had it fix 2 errors. Code:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.04.28.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
BecksTex :: BECKSTEX-PC [Administrator]
28.04.2012 10:47:20
mbam-log-2012-04-28 (10-47-20).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232358
Laufzeit: 2 Minute(n), 23 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 1
HKCU\Software\Schmidt-Pro (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll (Exploit.Drop) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Had OTL run a scan. Code:
OTL logfile created on: 28.04.2012 11:29:45 - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = E:\-- Bunkern --\Neuer Ordner (2)
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,20 Gb Available Physical Memory | 77,46% Memory free
16,00 Gb Paging File | 13,99 Gb Available in Paging File | 87,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,01 Gb Total Space | 1,82 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Drive E: | 248,08 Gb Total Space | 175,32 Gb Free Space | 70,67% Space Free | Partition Type: NTFS
Computer Name: BECKSTEX-PC | User Name: BecksTex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\-- Bunkern --\Neuer Ordner (2)\OTL.exe (OldTimer Tools)
PRC - C:\Users\BecksTex\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\fox.dll ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\drivers\tifsfilt.sys (Acronis)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8023x64) -- C:\Windows\SysNative\drivers\Rtnic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\BecksTex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.06 11:46:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.27 12:55:09 | 000,000,000 | ---D | M]
[2010.02.27 21:41:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BecksTex\AppData\Roaming\mozilla\Extensions
[2012.03.30 23:25:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BecksTex\AppData\Roaming\mozilla\Firefox\Profiles\dlf39kb2.default\extensions
[2011.07.17 19:57:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\BecksTex\AppData\Roaming\mozilla\Firefox\Profiles\dlf39kb2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.30 23:25:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\BecksTex\AppData\Roaming\mozilla\Firefox\Profiles\dlf39kb2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.08.01 21:57:56 | 000,001,729 | ---- | M] () -- C:\Users\BecksTex\AppData\Roaming\Mozilla\Firefox\Profiles\dlf39kb2.default\searchplugins\linguee-de-en.xml
[2012.03.06 11:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\BECKSTEX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DLF39KB2.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
[2012.03.06 11:46:20 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.03.06 11:46:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.06 11:46:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.06 11:46:18 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.06 11:46:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.06 11:46:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.06 11:46:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.04.18 22:08:03 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\BecksTex\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [RGSC] E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [Steam] E:\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [StoppUhr] File not found
O4 - HKCU..\Run: [Xvid] E:\-- Bunkern --\--- X-Normal ---\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BecksTex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BecksTex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3127CB08-122B-4A79-8B1C-0A9AECCA3237}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48548044-6AC9-44EA-9995-8D80FBB32D84}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A8B3EA3-9564-4F53-90C3-1FD6CF33501F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9BC7FE7-DD16-4978-8622-D143B2260A65}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1f08824b-23bf-11df-8127-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1f08824b-23bf-11df-8127-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{eafe451e-b802-11dc-b0bd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eafe451e-b802-11dc-b0bd-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.04.28 10:54:18 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{810E9BD2-B143-424C-8B6D-A20D2A7C8DE5}
[2012.04.28 10:42:27 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Roaming\Malwarebytes
[2012.04.28 10:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.28 10:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.28 10:42:19 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.04.28 10:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.04.28 10:06:02 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{A5234D2A-EB5C-49B1-905C-5330867A026D}
[2012.04.28 10:05:50 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{D2CBC703-0D6F-45F0-8AEB-B75954CB2F2E}
[2012.04.27 16:40:33 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{F71B9723-B22F-4C39-8E99-FDFFBE146552}
[2012.04.27 16:40:22 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{54D88B78-CFD2-4B94-8DBC-138F96A6397D}
[2012.04.27 15:58:34 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{C4C4F43C-0234-4088-8B45-6DA0056C683E}
[2012.04.27 15:58:23 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{B5CE0373-C578-4BD6-92A1-964ADAE36B75}
[2012.04.27 09:03:14 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{FF2F2916-D730-4CEB-B306-318057EC3BBF}
[2012.04.27 09:03:01 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{60E57104-F166-44E6-A290-52925A26888D}
[2012.04.26 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{44A49428-6033-4AF0-84A0-99C8B1E3AEB6}
[2012.04.26 14:19:02 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{6FB55980-44DE-4D1E-B109-C4FF8087E7BA}
[2012.04.26 11:12:59 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{D13324D6-7CF3-48AF-BF8C-1257B6262F80}
[2012.04.26 11:12:47 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{0A3EB40D-8945-4A1F-B6E7-2595056D8448}
[2012.04.26 08:56:28 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{BEDD0763-BE3A-4316-91FD-25F50E798301}
[2012.04.25 11:03:03 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{5E1D71FE-1965-478B-BD96-121DA429AFCB}
[2012.04.25 08:54:24 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{0A727B01-BEF2-4325-BBF0-53410B1136AF}
[2012.04.25 08:54:13 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{DB929FDB-CFE8-4FBF-8687-04A7D1CEAC77}
[2012.04.24 14:58:13 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{141DCEDC-85C7-4AEB-A0E1-61B6579A3C77}
[2012.04.24 14:58:01 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{88101078-C8C4-4E3A-8020-59EB64C2E6A7}
[2012.04.24 09:10:55 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{D831CA52-C41C-4C77-AD29-F3A41AC8489A}
[2012.04.24 09:10:44 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{78CCD950-1D64-47D4-BE7A-DAC4C8F47BB7}
[2012.04.20 09:47:40 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{5F00EA2E-6772-4539-8527-6556F2177A87}
[2012.04.19 11:41:50 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{79A076E0-4564-4E2D-ADE7-736135CB4914}
[2012.04.19 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{930DFB86-1C16-413E-9039-621F0A8B7C84}
[2012.04.19 10:06:18 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{F8FF6D45-BD56-4085-9F62-0F3C417046AB}
[2012.04.19 07:38:41 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{0E3F1BE2-07BD-4E6F-90B4-6581DE6B6F60}
[2012.04.19 07:38:30 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{DC0D7B5A-0A8B-405E-B85F-7B49E19866F4}
[2012.04.18 14:44:39 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{1FD6CE1E-5AD0-406E-89D6-DB01E68A7D9C}
[2012.04.18 14:44:28 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{A07AD15B-CB01-44CE-8D02-7640E52CF398}
[2012.04.18 09:44:18 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{F1D3ECD5-16CC-40B0-83D4-46854873DF5A}
[2012.04.18 09:44:07 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{8A64BC18-98C0-4676-AF72-B9E811AE55DA}
[2012.04.17 07:54:59 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{BA4287FD-2F6C-4CD0-979B-14EEAAF9C218}
[2012.04.16 20:59:33 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{66A8E057-ED9A-464B-9A32-CA189FC4C402}
[2012.04.16 20:57:03 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.04.16 20:57:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.04.16 20:57:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.04.16 20:57:03 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.04.16 20:57:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.04.16 20:57:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.04.16 20:57:02 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.04.16 20:49:39 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{949455C2-4F66-4F09-9B88-F7BD8959181E}
[2012.04.16 15:29:36 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{A1340136-A899-4452-9735-D16240E92C40}
[2012.04.16 15:29:25 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{72B64259-2B70-43DB-97D1-147AC7AD42AB}
[2012.04.16 15:26:31 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{A23BCE67-1882-4C1C-AA91-BDC3D81BB664}
[2012.04.16 14:06:51 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{CE29593C-5466-44C5-97F3-3D143452A98C}
[2012.04.16 14:06:40 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{DE87DFAE-5E24-4BE7-AF3A-C3162F5ACA6C}
[2012.04.16 09:07:48 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{0A3F9F1A-0261-4051-BA87-928347D038DB}
[2012.04.15 15:29:08 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{3A6332FC-8E22-47A2-9CEE-1555E7372ABD}
[2012.04.15 15:28:56 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{29188468-53C3-4C34-AAB7-1B696834106E}
[2012.04.15 09:39:48 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{393A19A4-B2E2-41A0-A48A-8D6AF19BF46C}
[2012.04.14 14:12:31 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{5CBD91B2-E797-4DDD-B02B-427BBF644EF5}
[2012.04.14 14:12:20 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{DE6F645A-926C-4F74-A492-A6B6C60852A2}
[2012.04.13 14:58:59 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{A399A2DB-D014-478E-A1BA-707031C0B970}
[2012.04.13 14:50:15 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.04.13 14:50:15 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.04.13 14:50:15 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.04.13 14:45:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.04.13 14:45:34 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.04.13 14:45:33 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.04.13 14:24:34 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{81DBC474-C621-47C1-AE11-C0508451940C}
[2012.04.13 14:24:23 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{3E154075-5624-495A-8277-A7A38942F9E0}
[2012.04.13 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{BD3F5FBC-2723-4E70-9098-0F4DABED02B2}
[2012.04.13 13:00:36 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{AC134714-93D3-4C58-9348-1760C74CBFF3}
[2012.04.13 12:28:04 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{E607074E-661A-486F-BC1B-E90CE3EB3C1A}
[2012.04.13 11:41:35 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{68CDEE1A-6A67-49E0-AE79-3CDE56B3EA33}
[2012.04.13 09:26:09 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{16B53D41-E5DF-4AAA-A7B6-7319D433F053}
[2012.04.12 15:54:17 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{C731A5EF-0851-41D9-87D8-50204229FDF6}
[2012.04.12 11:50:28 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{62079027-9CEE-4256-A670-6E1EF21E87C8}
[2012.04.11 09:27:15 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{73AC188E-080D-40FE-9543-D2FFD6F9CAF1}
[2012.04.10 09:37:12 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{9CE338DE-B3FE-43A4-B785-69D72FDB7383}
[2012.04.09 08:50:20 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{D96CA98F-980B-4EAD-B6D5-78ACE2212926}
[2012.04.08 23:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2012.04.08 23:47:55 | 000,049,664 | ---- | C] (CamStudio Group) -- C:\Windows\SysNative\CamCodec.dll
[2012.04.08 12:33:30 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{EEA00481-BA62-4200-9F86-23A715711FEE}
[2012.04.08 08:24:56 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{31A0AF7A-7E88-40DD-9B91-C160149D41E6}
[2012.04.07 15:23:13 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{EDEA7A72-7C56-47A4-820B-45648112BAEA}
[2012.04.07 11:03:44 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{DAB4027F-3B28-4436-A250-55F33742860D}
[2012.04.06 10:11:27 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{36B234DB-392F-4D23-8F57-A801BFA4644E}
[2012.04.05 11:40:21 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{E714EC81-D08A-493F-AC42-03DD03DEDA77}
[2012.04.04 17:57:52 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{83EF05DE-6711-4693-A796-CC0067A1FE28}
[2012.04.03 15:21:13 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{4B423873-A31A-4F5A-BEFE-0DBB0CE53951}
[2012.04.03 14:01:31 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{48BA6600-16DB-4F29-A5A6-728216C6DD6F}
[2012.04.02 23:36:14 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{74AC8C40-A458-470C-A06C-C2AD3A99B6DC}
[2012.04.02 08:42:37 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{3017186C-E99F-4299-8622-D398F34C499D}
[2012.04.01 15:36:58 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{5E11C4A5-A738-4F63-99E7-4532FE9FF000}
[2012.04.01 10:03:37 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{7130C409-A38A-4179-B136-C6D8FCD26A9E}
[2012.03.31 14:53:06 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{9F720C73-75C6-42DB-B070-F9C8E1915A1F}
[2012.03.31 00:42:56 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{80C0F7A3-BE2A-422B-BB9B-B0DF08FA648D}
[2012.03.29 13:38:05 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.03.29 13:36:38 | 000,000,000 | ---D | C] -- C:\Users\BecksTex\AppData\Local\{1B6FFED8-FE61-4DBB-A8ED-E6DFE4ADE1CE}
========== Files - Modified Within 30 Days ==========
[2012.04.28 11:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.28 11:01:32 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.28 11:01:32 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.28 11:00:21 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.28 11:00:21 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.28 11:00:21 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.28 11:00:21 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.28 11:00:21 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.28 10:53:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.28 10:53:27 | 2146,738,175 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.28 10:42:20 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.27 23:00:19 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\Blender 2.63.lnk
[2012.04.27 22:42:27 | 000,166,340 | ---- | M] () -- C:\Users\BecksTex\.recently-used.xbel
[2012.04.24 09:09:52 | 002,875,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.04.22 23:04:00 | 000,000,157 | ---- | M] () -- C:\Users\BecksTex\.gtk-bookmarks
[2012.04.20 09:48:22 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.04.20 09:48:22 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.04.13 14:55:00 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.08 23:47:56 | 000,000,786 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk
[2012.04.04 18:30:29 | 000,001,506 | ---- | M] () -- C:\Users\BecksTex\Desktop\UDKLift.exe - Verknüpfung.lnk
[2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.04.02 23:27:46 | 000,001,662 | ---- | M] () -- C:\Users\BecksTex\Desktop\blender 2.59 ASE Exporter.lnk
========== Files Created - No Company Name ==========
[2012.04.28 10:42:20 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.27 23:00:19 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\Blender 2.63.lnk
[2012.04.27 22:42:27 | 000,166,340 | ---- | C] () -- C:\Users\BecksTex\.recently-used.xbel
[2012.04.22 23:04:00 | 000,000,157 | ---- | C] () -- C:\Users\BecksTex\.gtk-bookmarks
[2012.04.08 23:47:56 | 000,000,786 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio-Recorder.lnk
[2012.04.04 18:28:40 | 000,001,506 | ---- | C] () -- C:\Users\BecksTex\Desktop\UDKLift.exe - Verknüpfung.lnk
[2012.04.04 17:53:05 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.02 23:27:46 | 000,001,662 | ---- | C] () -- C:\Users\BecksTex\Desktop\blender 2.59 ASE Exporter.lnk
[2012.03.29 13:38:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.03.27 12:56:42 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.03.27 12:56:42 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.11.29 18:27:29 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.11.29 11:40:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2011.10.30 00:12:53 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.08.04 12:59:29 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.08.04 12:55:38 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.03.28 21:31:54 | 000,020,827 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.01.13 05:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.06.13 20:56:47 | 002,444,656 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_apb.exe
[2010.06.04 11:22:12 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
========== LOP Check ==========
[2011.09.21 12:52:25 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\Blender Foundation
[2011.11.06 17:33:08 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\com.gugga.radiomini
[2011.07.17 19:58:05 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\DVDVideoSoft
[2011.07.17 19:57:49 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.07.11 08:17:06 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\GetRightToGo
[2012.04.27 22:42:27 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\gtk-2.0
[2011.10.30 00:11:48 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\ICQ
[2011.09.18 21:43:35 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\MonoDevelop-Unity
[2011.11.14 23:31:03 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\Origin
[2011.04.09 18:11:45 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\PACE Anti-Piracy
[2010.11.21 21:58:42 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\TS3Client
[2011.04.09 18:12:59 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\Unity
[2011.08.06 16:00:28 | 000,000,000 | ---D | M] -- C:\Users\BecksTex\AppData\Roaming\Wizards of the Coast
[2012.03.15 20:31:04 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 1255 bytes -> C:\Users\BecksTex\AppData\Local\Temp:gfnxq86m2WUgMR7dtu7PifvaXW2g
@Alternate Data Stream - 1187 bytes -> C:\Users\BecksTex\AppData\Local\QDctpOXq:wko6OQdly3ZWhAdvaCbkhS
@Alternate Data Stream - 1021 bytes -> C:\ProgramData\Microsoft:rDaNZLXA3M5Xrz7upFOK
@Alternate Data Stream - 1011 bytes -> C:\ProgramData\Microsoft:0hf5pNEoVhHbVUUsLsJ7vj
< End of report >
Extras: Code:
OTL Extras logfile created on: 28.04.2012 11:29:45 - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = E:\-- Bunkern --\Neuer Ordner (2)
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,20 Gb Available Physical Memory | 77,46% Memory free
16,00 Gb Paging File | 13,99 Gb Available in Paging File | 87,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,01 Gb Total Space | 1,82 Gb Free Space | 3,65% Space Free | Partition Type: NTFS
Drive E: | 248,08 Gb Total Space | 175,32 Gb Free Space | 70,67% Space Free | Partition Type: NTFS
Computer Name: BECKSTEX-PC | User Name: BecksTex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{736A1858-3CA8-4DAD-9C52-81038191CBA7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AAC97134-D62C-42D8-BB56-3F4826AD2FF5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A059BF-F78E-4725-988F-10C8C5FC8377}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{0774A9C5-AFF7-4AEA-ABA2-73CBC9C72133}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0AB8031B-780B-4C2C-99D4-D7D191004D79}" = protocol=6 | dir=in | app=e:\crysis 2 demo\bin32\crysis2launcher.exe |
"{0EF1DE24-0886-4F50-9470-86D6DDEF9136}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{15221030-DDD0-42FD-A02A-B49926E1911B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{16074EEE-5301-408F-B35E-FFAFFEDDB2E8}" = protocol=6 | dir=in | app=e:\-- win 7 games --\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{18C69FE5-80ED-4F61-A8A7-779CF71E68EA}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{20551486-66CC-41AE-AD94-5F008093A9D4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{225B20A5-572B-4D36-9889-B06C126EA1FA}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{2829EBA5-4539-4560-BAC8-7B4A7A1716AF}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{28FC1F11-0B42-46E9-8168-FBB8D43AA4FD}" = protocol=17 | dir=in | app=e:\-- win 7 games --\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{2A140C99-0814-4A75-BF77-D3E7E35A9183}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{2E3CD1A0-93D3-4FA4-B056-728AD6BB8F2E}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\metro 2033\metro2033.exe |
"{33620097-A135-4414-9BC8-736CF78523A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{33F77201-3806-487D-8D09-A3DE0ED0CDEF}" = protocol=6 | dir=in | app=e:\battlefield bad company 2\bfbc2updater.exe |
"{360F6F60-0B99-4552-9362-D29C11AD646C}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\just cause 2\justcause2.exe |
"{375F4A09-0C6D-4B83-AC61-08D7422C3C7D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3FDA4E9B-F294-492D-A035-83C9F3E0A9F7}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\dead island\deadislandgame.exe |
"{427251CE-C777-48F2-A985-BEAF35C5F3F0}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\kane & lynch 2 - dog days\kl2.exe |
"{45B2E09E-6BDE-4E96-8E3F-B95F8812C66C}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{463B31C7-ED29-4E29-BDCB-13306AA77FAF}" = protocol=17 | dir=in | app=e:\origin\games\battlefield 3\bf3.exe |
"{4982632F-CCA8-429E-8C1B-0E85F74C450A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4B8605E5-1C9B-4401-92E5-F884DACD9840}" = protocol=6 | dir=in | app=e:\-- win 7 games --\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"{52CB1D91-4AB2-4294-8919-3D6717B38F07}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{52DFF820-B7F7-4E2F-806D-B7DC01197CE6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53EEA72D-3F52-4E01-8DCC-CD7C5F626081}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{57B5EF64-B575-4C84-949F-C2B575D5808D}" = protocol=6 | dir=in | app=e:\apb reloaded\binaries\vivoxvoiceservice.exe |
"{5FD5694D-8C3D-465D-A5BB-B1DFFB5E70DC}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{61AFA57C-1F3F-464E-A4E0-B025473603D5}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{627EF4F9-6D23-4DD5-9A42-78AF5FB01571}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6A90CF06-AE11-4A42-88AD-F68FF0A6DB18}" = protocol=6 | dir=in | app=e:\origin\games\battlefield 3\bf3.exe |
"{6CDB8031-AAEA-416E-83D5-647C2F74507D}" = protocol=6 | dir=in | app=e:\apb reloaded\binaries\apb.exe |
"{6CF8E11E-46EE-4853-A41F-56E583AE6F2E}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{6FAA88D2-4ADD-421E-A5D6-FD17ACB9BD62}" = protocol=17 | dir=in | app=e:\battlefield bad company 2\bfbc2updater.exe |
"{705E3527-08CF-4E8E-B10B-C9C9E3053837}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{717BD042-D189-4387-9362-79CEA628EAB4}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\rage\rage.exe |
"{72F8BA45-D95C-48AD-AF08-C9F5F675BE4E}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\penumbra black plague\redist\penumbra.exe |
"{74BD87E0-9C04-4E64-9EE4-BD632EE159E6}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{764AA17E-927F-4DF8-87C7-17939451B9F3}" = protocol=17 | dir=in | app=e:\crysis 2 demo\bin32\crysis2launcher.exe |
"{7CBF51A2-A869-443D-A431-A8D2F5846DB7}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{7D9A44EC-B3E3-4ED3-989B-711ABD0382C0}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{7EE5FAF7-3311-49E7-A8F7-F0586F2FA127}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{84FDD0E8-F909-4702-8F85-EA01D96D1E17}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\game_launcher.exe |
"{86B2E615-9E72-4605-B04E-29F7088124C5}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\metro 2033\metro2033.exe |
"{8B36613F-0CA1-4489-9D0B-58B16037255D}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\beckstex\counter-strike source\hl2.exe |
"{906E0688-22D7-45D3-AAEF-2B44C6285FD2}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{9B1048A5-02C7-454D-A798-BB205A15CE16}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9B3DB6B0-A93D-4E71-8C90-FF1D5FA54487}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\game_launcher.exe |
"{A0BD20E2-F81C-4E0A-AF37-6D46C8D2E41C}" = protocol=17 | dir=in | app=e:\apb reloaded\binaries\apb.exe |
"{A6108433-FED4-411A-A7DB-1F44F6289FB3}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\rage\rage.exe |
"{A719BABC-2C1F-42D3-B83A-DF38D0E81A99}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AE7EDD94-02C3-4AA4-959B-A77F2BD906C9}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{B5BAE2FB-42BD-464F-8485-B0E65E3F0642}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steam.exe |
"{B662B1AF-7F97-40FF-BB44-60EC35ED2D50}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B6E5D142-AA4A-4830-9752-68072E8D89B3}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{B9449718-67FA-43A8-A49D-EE04DE885390}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\saintsrowthethird.exe |
"{BF82640E-6C33-4347-A052-29B7FBDA626C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C32C95E8-3511-405B-914C-9C360FF19C0C}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\beckstex\counter-strike source\hl2.exe |
"{C3EE6982-A87C-45B4-9C50-5BBBE311695B}" = protocol=6 | dir=in | app=e:\-- win 7 games --\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{C5F637BD-BD7E-4A63-A210-C7C8AF3A9912}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C666F71D-F2F8-430A-BF54-C2FB78BAAC0B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CBF56BAE-E417-4B94-BBBC-DF7357CF0FFB}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\kane & lynch 2 - dog days\kl2.exe |
"{D0697E75-E5AE-491F-A9C3-8B02862755A6}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{D2D975D8-04B3-4C86-B64D-66CEA287DE8E}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\saints row the third\saintsrowthethird_dx11.exe |
"{D3CED8CA-5A70-4902-A75C-D80E63AA3B3A}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{D4DD42A2-502B-46AB-8EDA-51B28D5D03B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7011896-003D-48FC-84C9-CEB27627850C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DBD72B9E-CDB2-4C07-A2C6-D7D565D686F7}" = protocol=17 | dir=in | app=e:\-- win 7 games --\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"{DCE7BE74-2A03-4C3F-8CE0-1C75AEF873BA}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\devil may cry 4\devilmaycry4_dx9.exe |
"{DE47052E-161F-4012-97FE-8399894813E6}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{E175923D-61F9-49DD-BCC5-2ED7136DFFCD}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe |
"{E376059E-3BE8-49AF-8840-2D9EF00BC0C0}" = protocol=17 | dir=in | app=c:\users\beckstex\appdata\local\akamai\netsession_win.exe |
"{E7945F20-9078-4D08-8F78-457A52334465}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\just cause 2\justcause2.exe |
"{E80FF0EA-6C32-443C-844B-86F698222E55}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{E913F3A9-CD42-4BCB-AC2E-194EBD9FB23E}" = protocol=17 | dir=in | app=e:\apb reloaded\binaries\vivoxvoiceservice.exe |
"{EB928617-5DA9-4073-9045-D528EBA79E64}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\devil may cry 4\devilmaycry4_dx10.exe |
"{EE56C57E-6D3D-4F5E-87D8-CC3B2B1EA0AB}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steam.exe |
"{F2CB859E-8105-412D-B6F4-E1697FD2FD59}" = protocol=6 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\penumbra black plague\redist\requiem.exe |
"{F87EEE7F-6EB0-49EB-9E81-B0D96BD23C6B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{FAB420A4-A515-4E0F-82A0-AE41460A6B36}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{FAE97286-78D6-48B1-BE49-922652D87929}" = protocol=6 | dir=in | app=c:\users\beckstex\appdata\local\akamai\netsession_win.exe |
"{FC4D9127-DE32-44EE-8270-59E1A144C41A}" = protocol=17 | dir=in | app=e:\-- win 7 games --\battlefield bad company 2 - beta\bfbc2betaupdater.exe |
"{FE53AA48-BCD0-47BF-A690-AACFEB8A1F7A}" = protocol=17 | dir=in | app=e:\-- win 7 games --\steam\steamapps\common\dead island\deadislandgame.exe |
"TCP Query User{06F627EE-34EE-4DF7-9013-2889062E8C75}E:\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=e:\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"TCP Query User{271ADDCD-6486-41FD-B1B6-AFC88EFDE4F1}E:\udk\udk-2011-08\binaries\win64\udk.exe" = protocol=6 | dir=in | app=e:\udk\udk-2011-08\binaries\win64\udk.exe |
"TCP Query User{2C443A55-8E74-471E-8397-EB04F6A0C62C}E:\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=e:\crysis 2 demo\bin32\crysis2demo.exe |
"TCP Query User{3DAA23E9-E38E-4620-883F-DFA37B6EE170}C:\users\beckstex\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\beckstex\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6051D4B4-8AEF-4FDE-A4D1-9A885849C8C0}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win64\udk.exe" = protocol=6 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win64\udk.exe |
"TCP Query User{680C6746-8A89-459C-94BC-4DB1B3F69AC9}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win32\udk.exe" = protocol=6 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win32\udk.exe |
"TCP Query User{6D085BAD-D073-4F72-92F0-A43CEF9AC27E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{777B97B3-E1F0-4AAD-8D8F-EE73529F9DAB}E:\unity\monodevelop\bin\monodevelop.exe" = protocol=6 | dir=in | app=e:\unity\monodevelop\bin\monodevelop.exe |
"TCP Query User{7D9722EA-24B1-463E-B7CC-82CE234D10E4}E:\unity\editor\unity.exe" = protocol=6 | dir=in | app=e:\unity\editor\unity.exe |
"TCP Query User{9BE01664-07C9-45D0-9AE0-831AEE4005BF}E:\udk\udk-2011-08\binaries\win32\udk.exe" = protocol=6 | dir=in | app=e:\udk\udk-2011-08\binaries\win32\udk.exe |
"TCP Query User{B0C374BD-BA11-4FE4-9781-B1F6CC5F1B47}E:\apb europe\binaries\apb.exe" = protocol=6 | dir=in | app=e:\apb europe\binaries\apb.exe |
"TCP Query User{B8C68E3B-7CD1-4C6F-9B91-771C69904255}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\swarmagent.exe" = protocol=6 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\swarmagent.exe |
"TCP Query User{D0DA330A-BC72-4553-8DBC-5400690C3BD4}E:\-- bunkern --\-- game stuff --\magic online\mtgoiii_helper.exe" = protocol=6 | dir=in | app=e:\-- bunkern --\-- game stuff --\magic online\mtgoiii_helper.exe |
"TCP Query User{E971F3ED-6414-4FA4-B160-A6A38B09D522}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{EA02F8E4-E931-432E-BFD4-E875E7114427}E:\gamespy\comrade\comrade.exe" = protocol=6 | dir=in | app=e:\gamespy\comrade\comrade.exe |
"TCP Query User{F85C3338-C658-4C65-89F6-751A3CB482FA}E:\udk\udk-2011-08\binaries\swarmagent.exe" = protocol=6 | dir=in | app=e:\udk\udk-2011-08\binaries\swarmagent.exe |
"TCP Query User{F8CD99EF-28E1-46FB-A107-99BCC54DFD06}E:\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=e:\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{FD7E3E88-3B62-40E5-8AB4-DA4CF4D636EE}E:\unity\monodevelop\bin\mdhost.exe" = protocol=6 | dir=in | app=e:\unity\monodevelop\bin\mdhost.exe |
"UDP Query User{03314C20-33DF-4CFA-8F55-BF43E2463491}E:\udk\udk-2011-08\binaries\win64\udk.exe" = protocol=17 | dir=in | app=e:\udk\udk-2011-08\binaries\win64\udk.exe |
"UDP Query User{21DC246A-39E2-4213-9ABA-14E76A06AB8F}E:\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=e:\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{27E3F4D7-8D8E-4F26-9079-17535890AD64}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win64\udk.exe" = protocol=17 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win64\udk.exe |
"UDP Query User{3A12DC9C-F2CA-4A99-9688-03D62074B566}E:\udk\udk-2011-08\binaries\swarmagent.exe" = protocol=17 | dir=in | app=e:\udk\udk-2011-08\binaries\swarmagent.exe |
"UDP Query User{40E0578E-285E-45AA-A847-BB95C324C87E}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{4BBBA327-ED4F-47BB-BD60-0A2EF99D831A}E:\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=e:\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{53809F27-5E9C-49A7-BC16-737762BFA386}E:\unity\monodevelop\bin\monodevelop.exe" = protocol=17 | dir=in | app=e:\unity\monodevelop\bin\monodevelop.exe |
"UDP Query User{67815314-873E-4296-AA76-4D4C21329B66}E:\udk\udk-2011-08\binaries\win32\udk.exe" = protocol=17 | dir=in | app=e:\udk\udk-2011-08\binaries\win32\udk.exe |
"UDP Query User{6C626E2E-7679-4BBB-95BA-40971B6168C6}E:\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=e:\tom clancy's splinter cell double agent\scda-offline\system\splintercell4.exe |
"UDP Query User{767EEDEE-4658-4856-969F-42D7001C4AA6}E:\-- bunkern --\-- game stuff --\magic online\mtgoiii_helper.exe" = protocol=17 | dir=in | app=e:\-- bunkern --\-- game stuff --\magic online\mtgoiii_helper.exe |
"UDP Query User{7A633E86-206A-4F89-89E7-1AA172860D51}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\swarmagent.exe" = protocol=17 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\swarmagent.exe |
"UDP Query User{90A79A8F-2856-455A-94F3-236431C90074}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{A08C2F22-CA84-444B-81AE-30827121A811}E:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win32\udk.exe" = protocol=17 | dir=in | app=e:\-- bunkern --\-- unreal dev kit --\udk-2012-03\binaries\win32\udk.exe |
"UDP Query User{A31E2CC4-85B4-4942-8990-679B22A37653}E:\apb europe\binaries\apb.exe" = protocol=17 | dir=in | app=e:\apb europe\binaries\apb.exe |
"UDP Query User{A4FF0E99-5C69-4AF6-98FC-B616ED135ACB}C:\users\beckstex\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\beckstex\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B834DE6E-A904-4F5B-8E78-03EB0E3F4476}E:\unity\monodevelop\bin\mdhost.exe" = protocol=17 | dir=in | app=e:\unity\monodevelop\bin\mdhost.exe |
"UDP Query User{BA686B8E-9E20-40B5-A3A6-3DD2F0D44BC2}E:\gamespy\comrade\comrade.exe" = protocol=17 | dir=in | app=e:\gamespy\comrade\comrade.exe |
"UDP Query User{C876E79F-71EF-4A31-BE4C-BA7E3B1B97C9}E:\unity\editor\unity.exe" = protocol=17 | dir=in | app=e:\unity\editor\unity.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{2E295B5B-1AD4-4d36-97C2-A316084722C0}" = Python 2.7.2 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{903029FE-FA82-427B-916C-AD08185DA3C2}" = Microsoft Xbox 360 Accessories 1.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2506D00-0BED-11E1-8CD3-782BCBACDE13}" = OpenRL Redistributable 1.0 R2 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Blender" = Blender
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Pen Tablet Driver" = Bamboo
"UDK-7ca75454-dbb8-473c-aacf-199f7c76e1ab" = Unreal Development Kit: 2011-08
"UDK-c153804d-9d9e-4e17-aff0-8f2e9859cb46" = Unreal Development Kit: 2012-03
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F781FAE-0BED-11E1-A311-782BCBACDE13}" = OpenRL Redistributable 1.0 R2 x86
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Programm für Prozessor-IDs
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}" = Magic Online
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis*True*Image*WD*Edition
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E239F8B2-AE00-467D-9F05-47C8E1FAAFA7}" = WD Align - Powered by Acronis
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"APB Reloaded" = APB Reloaded
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"FormatFactory" = FormatFactory 2.60
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.1.715
"GamersFirst LIVE!" = GamersFirst LIVE!
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MaPZone2.Free" = Allegorithmic MaPZone2.Free
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SpeedFan" = SpeedFan (remove only)
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 22120" = Penumbra: Black Plague
"Steam App 22140" = Penumbra: Requiem
"Steam App 28000" = Kane & Lynch 2: Dog Days
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 43110" = Metro 2033
"Steam App 45700" = Devil May Cry 4
"Steam App 550" = Left 4 Dead 2
"Steam App 55230" = Saints Row: The Third
"Steam App 8190" = Just Cause 2
"Steam App 91310" = Dead Island
"Steam App 9200" = RAGE
"VLC media player" = VLC media player 1.1.1
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only)
"x264vfw64" = x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only)
"xNormal 3.17.9" = xNormal 3.17.9
"Xvid Video Codec 1.3.2" = Xvid Video Codec
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
CCleaner program list, exported: Code:
Acronis*True*Image*WD*Edition Acronis 16.09.2010 215MB 11.0.8312
Adobe AIR Adobe Systems Incorporated 05.11.2011 3.0.0.4080
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 03.03.2010 10.0.45.2
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 19.04.2012 6,00MB 11.2.202.233
Adobe Flash Player 9 ActiveX Adobe Systems 02.05.2011 9
Adobe Media Player Adobe Systems Incorporated 15.03.2010 1.1
Adobe Reader 9 - Deutsch Adobe Systems Incorporated 27.02.2010 232MB 9.0.0
Adobe Shockwave Player 11.6 Adobe Systems, Inc. 10.11.2011 11.6.1.629
Akamai NetSession Interface 25.12.2011
Akamai NetSession Interface Service 15.11.2011
Allegorithmic MaPZone2.Free 08.11.2011
APB Reloaded 30.04.2011 1.3.3.560517
Apple Application Support Apple Inc. 24.04.2010 39,7MB 1.2.1
Apple Software Update Apple Inc. 24.04.2010 2,16MB 2.1.1.116
Avira AntiVir Personal - Free Antivirus Avira GmbH 25.02.2012 90,4MB 10.2.0.707
Bamboo Wacom Technology Corp. 25.01.2012 5.2.5-5
Battlefield 3™ Electronic Arts 31.10.2011 1.0.0.0
Battlelog Web Plugins EA Digital Illusions CE AB 18.12.2011 1.104.0
BattlEye for OA Uninstall 19.06.2011
Blender Blender Foundation 26.04.2012 2.63-release
Call of Duty: Modern Warfare 2 Infinity Ward 27.02.2010
Call of Duty: Modern Warfare 2 - Multiplayer Infinity Ward 27.02.2010
CamStudio OSS Desktop Recorder CamStudio Open Source Dev Team 07.04.2012 14,9MB 2.6 Beta r294
CCleaner Piriform 27.04.2012 3.18
Counter-Strike: Source Valve 27.02.2010 3.844MB 1.0.0.0
Dead Island 08.09.2011
Deus Ex: Human Revolution Eidos Montreal 25.08.2011
Devil May Cry 4 Capcom 01.07.2011
EAX4 Unified Redist Creative Labs 22.05.2011 0,16MB 4.001
ESN Sonar ESN Social Software AB 13.11.2011 0.70.0
FormatFactory 2.60 Free Time 14.01.2011 2.60
Fraps 12.03.2010
Free YouTube to MP3 Converter version 3.10.1.715 DVDVideoSoft Limited. 16.07.2011 48,1MB
Futuremark SystemInfo Futuremark Corporation 21.05.2011 4.0.0.0
GamersFirst LIVE! GamersFirst 30.04.2011
GIMP 2.6.11 The GIMP Team 17.03.2012 107,7MB 2.6.11
HP USB Disk Storage Format Tool 16.09.2010
Intel(R) Programm für Prozessor-IDs Intel Corporation 01.04.2011 3,47MB 3.7.0000
Java(TM) 6 Update 31 Oracle 03.03.2012 95,1MB 6.0.310
Java(TM) 7 Update 3 Oracle 26.03.2012 99,2MB 7.0.30
Java(TM) 7 Update 3 (64-bit) Oracle 26.03.2012 93,7MB 7.0.30
Just Cause 2 Avalanche Studios 25.03.2010
Kane & Lynch 2: Dog Days IO Interactive 02.12.2011
Left 4 Dead 2 Valve 06.07.2011
Magic Online Wizards of the Coast 05.08.2011 3.00.0000
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 27.04.2012 18,0MB 1.61.0.1400
Metro 2033 THQ 10.10.2011
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 14.09.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 14.09.2010 2,94MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 03.04.2012 52,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 03.04.2012 10,7MB 4.0.30319
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Corporation 20.09.2011 13,8MB 3.5.30730.0
Microsoft Silverlight Microsoft Corporation 26.02.2012 134,3MB 4.1.10111.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.06.2011 0,29MB 8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 25.03.2010 0,20MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 20.11.2010 0,25MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 26.02.2010 0,77MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 17.06.2011 0,77MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 12.03.2010 1,42MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 26.02.2010 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 17.06.2011 0,59MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 27.03.2012 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 05.10.2011 15,0MB 10.0.40219
Microsoft Xbox 360 Accessories 1.1 Microsoft 01.07.2011 7,37MB 1.10.123.0
Mozilla Firefox 10.0.2 (x86 de) Mozilla 05.03.2012 37,2MB 10.0.2
No23 Recorder No23 23.04.2010 3,20MB 2.1.0.3
NVIDIA 3D Vision Controller-Treiber 296.10 NVIDIA Corporation 17.03.2012 296.10
NVIDIA 3D Vision Treiber 296.10 NVIDIA Corporation 17.03.2012 296.10
NVIDIA Grafiktreiber 296.10 NVIDIA Corporation 17.03.2012 296.10
NVIDIA HD-Audiotreiber 1.3.12.0 NVIDIA Corporation 17.03.2012 1.3.12.0
NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Corporation 17.03.2012 9.12.0213
NVIDIA Update 1.7.11 NVIDIA Corporation 17.03.2012 1.7.11
OpenAL 07.04.2011
OpenRL Redistributable 1.0 R2 x64 Caustic Graphics, Inc. 26.03.2012 9,07MB 1.0.29020.0
OpenRL Redistributable 1.0 R2 x86 Caustic Graphics, Inc. 26.03.2012 7,03MB 1.0.29020.0
Origin Electronic Arts, Inc. 15.11.2011 8.3.7.3619
Pando Media Booster Pando Networks Inc. 04.05.2011 5,47MB 2.3.5.6
Penumbra: Black Plague Frictional Games 07.04.2011
Penumbra: Requiem Frictional Games 08.04.2011
PunkBuster Services Even Balance, Inc. 03.02.2012 0.993
Python 2.7.2 (64-bit) Python Software Foundation 06.11.2011 52,8MB 2.7.2150
QuickTime Apple Inc. 24.04.2010 73,8MB 7.66.71.0
RAGE 06.10.2011
RocketDock 1.3.5 Punk Software 26.02.2010
Saints Row: The Third Volition 28.11.2011
SpeedFan (remove only) 27.02.2010
Spybot - Search & Destroy Safer Networking Limited 27.02.2010 1.6.2
Steam Valve Corporation 14.03.2012 35,5MB 1.0.0.0
SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 eRightSoft 03.08.2011 42,7MB v2011.build.49
Tom Clancy's Splinter Cell: Conviction Ubisoft 02.12.2011
Ubisoft Game Launcher UBISOFT 03.12.2011 1.0.0.0
Unity Web Player Unity Technologies ApS 17.09.2011 12,0MB
Unreal Development Kit: 2011-08 Epic Games, Inc. 18.09.2011
Unreal Development Kit: 2012-03 Epic Games, Inc. 03.04.2012
VLC media player 1.1.1 VideoLAN 22.07.2010 1.1.1
WD Align - Powered by Acronis Acronis 22.12.2010 48,4MB 1.0.316
WebTablet FB Plugin Wacom Technology Corp. 25.01.2012 2.0.0.1
WebTablet IE Plugin Wacom Technology Corp. 25.01.2012 1.1.0.12
WebTablet Netscape Plugin Wacom Technology Corp. 25.01.2012 1.1.0.10
Winamp Nullsoft, Inc 15.08.2011 5.621
Winamp Erkennungs-Plug-in Nullsoft, Inc 15.08.2011 75,00KB 1.0.0.1
Windows Installer Clean Up Microsoft Corporation 17.04.2010 0,30MB 3.00.00.0000
Windows Live Essentials Microsoft Corporation 12.12.2011 15.4.3538.0513
Windows Live Sync Microsoft Corporation 02.05.2011 2,79MB 14.0.8117.416
Windows Movie Maker 2.6 Microsoft Corporation 25.03.2010 12,3MB 2.6.4038.0
WinRAR 27.02.2010
x264vfw - H.264/MPEG-4 AVC codec (remove only) 26.03.2012
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) 26.03.2012
xNormal 3.17.9 Santiago Orgaz 26.03.2012
Xvid Video Codec Xvid Team 26.03.2012 1.3.2
Avira events: Code:
Exportierte Ereignisse:
28.04.2012 11:57 [Guard] Engine neu geladen
Die Engine wurde neu geladen.
Engine Version: 8.02.10.58
VDF Version: 7.11.28.226
28.04.2012 11:57 [Updater] Update erfolgreich durchgeführt
Update von Avira AntiVir Personal - Free Antivirus auf Computer BECKSTEX-PC
(192.168.1.33) erfolgreich durchgeführt.
Folgende Dateien wurden von hxxp://62.146.66.181/update aktualisiert:
vbase023.vdf 7.11.28.99
vbase024.vdf 7.11.28.133
vbase025.vdf 7.11.28.183
vbase026.vdf 7.11.28.184
vbase027.vdf 7.11.28.185
vbase028.vdf 7.11.28.186
vbase029.vdf 7.11.28.187
vbase030.vdf 7.11.28.188
vbase031.vdf 7.11.28.226
aevdf.dat 7.11.28.226
aegen.dll 8.1.5.28
aehelp.dll 8.1.20.0
aeheur.dll 8.1.4.21
aeoffice.dll 8.1.2.28
aescript.dll 8.1.4.18
aeexp.dll 8.1.0.33
aeset.dat 8.2.10.58
28.04.2012 11:48 [Planer] Auftrag gestartet
Auftrag "startupd_job_ex"
wurde erfolgreich gestartet.
28.04.2012 11:02 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\MC1QVR01\readme[1].exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:53 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
28.04.2012 10:53 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
28.04.2012 10:52 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
28.04.2012 10:52 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
28.04.2012 10:51 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:49 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:49 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:41 [Scanner] Malware gefunden
Die Datei 'C:\Users\BecksTex\AppData\Local\Microsoft\Windows\Temporary Internet
Files\Content.IE5\MC1QVR01\readme[1].exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ignoriert.
28.04.2012 10:41 [Scanner] Malware gefunden
Die Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ignoriert.
28.04.2012 10:41 [Scanner] Suchlauf
Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
Anzahl Dateien: 29
Anzahl Verzeichnisse: 0
Anzahl Malware: 2
Anzahl Warnungen: 2
28.04.2012 10:21 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff erlauben
28.04.2012 10:21 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\MC1QVR01\readme[1].exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff erlauben
28.04.2012 10:21 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:21 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:21 [Guard] Malware gefunden
In der Datei 'C:\Users\BecksTex\AppData\Local\Temp\wpbt0.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
28.04.2012 10:05 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
28.04.2012 10:05 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
28.04.2012 00:22 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
28.04.2012 00:22 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
28.04.2012 00:09 [Guard] Malware gefunden
In der Datei
'C:\Users\BecksTex\AppData\Local\Mozilla\Firefox\Profiles\dlf39kb2.default\Cache
\1\FD\A9223d01'
wurde ein Virus oder unerwünschtes Programm 'EXP/Pdfjsc.AAP' [exploit] gefunden.
Ausgeführte Aktion: Zugriff verweigern
27.04.2012 16:39 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
27.04.2012 16:39 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
27.04.2012 16:05 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
27.04.2012 16:05 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
27.04.2012 15:57 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
27.04.2012 15:57 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
27.04.2012 14:58 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
27.04.2012 14:58 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
27.04.2012 09:02 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
27.04.2012 09:02 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
27.04.2012 00:05 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
27.04.2012 00:05 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 14:18 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
26.04.2012 14:18 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
26.04.2012 12:06 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 12:06 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 11:12 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
26.04.2012 11:12 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
26.04.2012 10:21 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 10:21 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 08:55 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
26.04.2012 08:55 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
26.04.2012 00:19 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
26.04.2012 00:19 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
25.04.2012 11:02 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
25.04.2012 11:02 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
25.04.2012 10:37 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
25.04.2012 10:37 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
25.04.2012 08:53 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
25.04.2012 08:53 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
24.04.2012 23:46 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 23:46 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 14:57 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
24.04.2012 14:57 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
24.04.2012 14:03 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 14:03 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 12:26 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
24.04.2012 12:26 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
24.04.2012 11:47 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 11:47 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 09:10 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
24.04.2012 09:09 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.52
VDF Version: 7.11.28.80
24.04.2012 00:22 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
24.04.2012 00:22 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
23.04.2012 09:47 [Guard] Engine neu geladen
Die Engine wurde neu geladen.
Engine Version: 8.02.10.52
VDF Version: 7.11.28.80
23.04.2012 09:47 [Updater] Update erfolgreich durchgeführt
Update von Avira AntiVir Personal - Free Antivirus auf Computer BECKSTEX-PC
(192.168.1.33) erfolgreich durchgeführt.
Folgende Dateien wurden von hxxp://80.190.143.228/update aktualisiert:
vbase031.vdf 7.11.28.80
aevdf.dat 7.11.28.80
23.04.2012 09:47 [Planer] Auftrag gestartet
Auftrag "Tägliches Update"
wurde erfolgreich gestartet.
22.04.2012 09:47 [Updater] Update erfolgreich durchgeführt
Update auf Computer BECKSTEX-PC (192.168.1.33) von hxxp://62.146.66.181/update
wurde erfolgreich durchgeführt.
Es sind keine neuen Engine/VDF Dateien verfügbar.
22.04.2012 09:47 [Planer] Auftrag gestartet
Auftrag "Tägliches Update"
wurde erfolgreich gestartet.
21.04.2012 09:47 [Guard] Engine neu geladen
Die Engine wurde neu geladen.
Engine Version: 8.02.10.52
VDF Version: 7.11.28.70
21.04.2012 09:47 [Updater] Update erfolgreich durchgeführt
Update von Avira AntiVir Personal - Free Antivirus auf Computer BECKSTEX-PC
(192.168.1.33) erfolgreich durchgeführt.
Folgende Dateien wurden von hxxp://62.146.66.183/update aktualisiert:
vbase018.vdf 7.11.27.107
vbase019.vdf 7.11.27.159
vbase020.vdf 7.11.27.201
vbase021.vdf 7.11.28.3
vbase022.vdf 7.11.28.49
vbase023.vdf 7.11.28.50
vbase024.vdf 7.11.28.51
vbase025.vdf 7.11.28.52
vbase026.vdf 7.11.28.53
vbase027.vdf 7.11.28.54
vbase028.vdf 7.11.28.55
vbase029.vdf 7.11.28.56
vbase030.vdf 7.11.28.57
vbase031.vdf 7.11.28.70
aevdf.dat 7.11.28.70
antivir0.rdf 10.0.0.95
aegen.dll 8.1.5.27
aeheur.dll 8.1.4.19
aescript.dll 8.1.4.17
aeexp.dll 8.1.0.29
aeset.dat 8.2.10.52
21.04.2012 09:47 [Planer] Auftrag gestartet
Auftrag "Tägliches Update"
wurde erfolgreich gestartet.
20.04.2012 09:47 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 10.0.0.21
20.04.2012 09:47 [Guard] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 10.0.1.59
Engine Version: 8.2.10.38
VDF Version: 7.11.27.72
20.04.2012 00:33 [Guard] Dienst gestoppt
Der Dienst wurde gestoppt.
20.04.2012 00:33 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
I deliberately cut the Avira events off at 20.04 because everything before that is marked blue (info). If necessary, I'm happy to post the complete list.
Since I'm now a bit stuck on how to proceed, I've stopped here for now and wanted to ask whether someone can help me.
Thank you!