Quote:
Scan settings => select Standard => OK => click the "My Computer" link
Either I'm blind or that setting no longer exists in the Kaspersky online scanner.
I haven't had any more problems like the fake Security Guard 2012 so far; however, Malwarebytes Anti-Malware, the Kaspersky online scanner, and my own malware scanner still found malicious files.
I ran the scans in the order in which I posted the logs.
Malwarebytes Anti-Malware also found nothing more after the Kaspersky online scanner's scans.
Quote:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.31.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: *** [Administrator]
31.08.2012 19:35:50
mbam-log-2012-08-31 (19-35-50).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 367123
Laufzeit: 15 Minute(n), 23 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\7177265-4e6c11eb (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\df441ad-581b1c43 (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Quote:
Detaillierter Bericht
Gefundene Probleme
Untersuchungsdatum: 31.08.2012 20:46
Update-Datum der Antiviren-Datenbanken: 31.08.2012 16:53
Produktversion: 12.0.1.117
Computerschutz (2)
Informationen zum installierten Antiviren-Programm und der Firewall auf
dem Computer.
Das Antiviren-Programm wurde deaktiviert.
Firewall ist deaktiviert.
Schädliche Programme (3)
Informationen zu den auf dem Computer gefundenen Schadprogrammen.
1. HEUR:Exploit.Java.CVE-2012-4681.gen - 5f5ef8b6-570f4b8e - C:\Documents and Settings\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54
2. HEUR:Exploit.Java.CVE-2012-4681.gen - 26f956c7-1d1f7d03 - C:\Documents and Settings\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7
3. HEUR:Exploit.Java.CVE-2012-4681.gen - 43854423-156037f7 - C:\Documents and Settings\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35
Schwachstellen (1)
Informationen zu den Programmen und Komponenten des Betriebssystems, in
denen Schwachstellen gefunden wurden.
1. C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
Andere Probleme (9)
Informationen zu Schwachstellen, die mit den Einstellungen der
installierten Programme und des Betriebssystems zusammenhängen.
1. "Autostart von Festplatten ist aktiviert"
2. "Autostart von Netzlaufwerken ist aktiviert"
3. "Autostart von CD/DVD ist aktiviert"
4. "Autostart von Wechseldatenträgern ist aktiviert"
5. "Microsoft Internet Explorer: Zwischenspeicherung von über geschützten Kanal empfangenen Daten ist aktiviert"
6. "Microsoft Internet Explorer: Senden von Fehlerberichten deaktivieren"
7. "Microsoft Internet Explorer: Liste der Ausnahmen für den Popupblocker leeren"
8. "Microsoft Internet Explorer: Automatisches Leeren des Zwischenspeichers beim Beenden des Browsers aktivieren"
9. "Microsoft Internet Explorer: Startseite leeren"
Quote:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 31.08.2012 21:18:38
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, E:\, F:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 31.08.2012 21:19:59
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\26f956c7-1d1f7d03 -> Solobey.class gefunden: Exploit.Java.CVE-2012!E2
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\26f956c7-1d1f7d03 -> Ini.class gefunden: Java.CVE!E2
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\43854423-156037f7 -> Ini.class gefunden: Java.CVE!E2
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\43854423-156037f7 -> Solobey.class gefunden: Exploit.Java.CVE-2012!E2
Gescannt 623157
Gefunden 4
Scan Ende: 31.08.2012 21:38:54
Scan Zeit: 0:18:55
OTL Logfile:
Code:
OTL logfile created on: 31.08.2012 21:04:56 - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,30% Memory free
15,99 Gb Paging File | 13,56 Gb Available in Paging File | 84,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,37 Gb Total Space | 162,95 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 280,23 Gb Free Space | 30,08% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 17,66 Gb Free Space | 1,90% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - C:\Program Files (x86)\K10Stat\K10STAT.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files (x86)\K10Stat\K10STAT.exe ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CTXFIGER.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (DAUpdaterSvc) -- E:\Spiele\Steam\SteamApps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (nlsvc) -- C:\Programme\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ha20x22k) -- C:\Windows\SysNative\drivers\ha20x22k.sys (Creative Technology Ltd)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH)
DRV - (AODDriver4.1) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH)
DRV - (nltdi) -- C:\Programme\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\K10Stat\WinRing0x64.sys (OpenLibSys.org)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 61 C6 2D 3E A0 87 CD 01 [binary data]
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.searchEnginesURL: "hxxp://www.google.de/search?hl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q="
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: foxgame2@foxgame.org:2.0 Beta
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: extension@virtusdesigns.com:3.6.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ce951a80-a291-11df-981c-0800200c9a66}:0.921
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..keyword.URL: "hxxp://www.afodo.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=8mOuBvid&q="
FF - prefs.js..network.proxy.backup.ftp: "83.137.26.25"
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: "83.137.26.25"
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: "83.137.26.25"
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.30 10:05:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.16 21:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2012.07.16 18:12:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.07.25 22:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\l37cib2o.default\extensions
[2012.07.16 18:15:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\l37cib2o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.16 18:15:16 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\l37cib2o.default\extensions\foxyproxy@eric.h.jung
[2012.07.16 18:15:16 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\l37cib2o.default\extensions\ich@maltegoetz.de
[2012.07.16 18:12:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.11 19:38:13 | 000,021,093 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L37CIB2O.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI
[2012.02.15 18:26:44 | 000,123,007 | ---- | M] () (No name found) -- C:\USERS\***\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L37CIB2O.DEFAULT\EXTENSIONS\MAFIAAFIRE@MAFIAAFIRE.COM.XPI
[2012.08.30 10:05:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 10:05:23 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.08.31 18:12:41 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Core Temp.lnk = File not found
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\K10STAT.lnk = C:\Program Files (x86)\K10Stat\K10STAT.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{527F3D1B-4D90-4099-8982-E89F6ED2EF1E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.08.31 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.08.31 19:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.31 19:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.31 19:31:35 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.31 19:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.31 18:13:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.08.31 18:12:42 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.08.31 14:10:32 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.08.31 14:10:32 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.08.31 14:10:32 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.08.31 14:10:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.08.31 14:09:03 | 004,741,772 | R--- | C] (Swearware) -- C:\Users\***\Desktop\schrauber.exe
[2012.08.29 13:25:50 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\tomax
[2012.08.29 11:45:46 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.29 11:10:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SpeedyPC Software
[2012.08.29 11:10:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DriverCure
[2012.08.29 11:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012.08.29 09:56:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.08.28 10:22:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.28 10:22:29 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.28 10:22:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.28 10:22:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.28 10:22:25 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.28 10:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.08.28 09:36:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\EurekaLog
[2012.08.28 09:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\7531E8D0D03CF80F00001DA8F875F002
[2012.08.23 20:33:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Locktime
[2012.08.23 20:28:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
[2012.08.23 20:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2012.08.23 20:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2012.08.23 20:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.08.23 20:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.08.23 20:24:06 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Guild Wars 2
[2012.08.22 01:46:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Diablo III
[2012.08.22 01:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.08.22 01:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012.08.22 01:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.08.22 00:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012.08.20 11:06:00 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Shiner
[2012.08.16 17:00:53 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps
[2012.08.15 06:49:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.15 06:49:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.15 06:49:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.15 06:49:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.15 06:49:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.15 06:49:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.15 06:49:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.15 06:49:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.15 06:49:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.15 06:49:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.15 06:49:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.15 06:49:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 06:49:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 06:48:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 06:48:35 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 06:48:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 06:48:34 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 06:48:34 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 06:48:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 06:48:33 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 06:48:32 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.14 16:56:59 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\LOLReplay
[2012.08.14 14:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2012.08.14 14:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2012.08.14 14:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2012.08.14 14:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter
[2012.08.14 14:10:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2012.08.14 14:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2012.08.14 14:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2012.08.14 14:09:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV
[2012.08.14 14:09:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012.08.14 14:09:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.31 20:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.31 20:13:35 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.08.31 20:03:19 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 20:03:19 | 000,013,728 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 20:00:33 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.31 20:00:33 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.31 20:00:33 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.31 20:00:33 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.31 20:00:33 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.31 19:54:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.31 19:54:34 | 2144,755,711 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 19:54:01 | 000,061,948 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012.08.31 19:54:01 | 000,061,948 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012.08.31 19:54:01 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000002-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012.08.31 19:31:36 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.31 18:24:56 | 000,052,882 | ---- | M] () -- C:\ComboFix.rar
[2012.08.31 18:17:44 | 000,078,040 | ---- | M] () -- C:\DeQuarantine.rar
[2012.08.31 18:12:41 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.08.31 14:09:14 | 004,741,772 | R--- | M] (Swearware) -- C:\Users\***\Desktop\schrauber.exe
[2012.08.31 07:32:30 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.08.29 12:32:39 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.08.29 11:45:47 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.28 20:20:24 | 000,007,607 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.08.28 10:34:43 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.28 10:34:43 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.28 10:22:22 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.28 10:22:22 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.28 10:22:22 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.28 10:22:22 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.28 10:22:22 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.28 10:22:22 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.23 20:34:46 | 000,001,090 | ---- | M] () -- C:\Users\***\Desktop\NetLimiter 3.lnk
[2012.08.23 20:24:25 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.22 13:33:41 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.08.22 13:33:41 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.08.22 13:33:41 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.08.22 13:33:41 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.08.22 13:33:41 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012.08.22 01:14:22 | 000,001,211 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.08.15 06:52:15 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.14 14:09:46 | 000,001,039 | ---- | M] () -- C:\Users\***\Desktop\KMPlayer.lnk
[2012.08.14 13:49:15 | 000,000,000 | ---- | M] () -- C:\Windows\graphedt.INI
[2012.08.03 07:37:17 | 000,001,764 | ---- | M] () -- C:\Users\***\Desktop\DAOrigins.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.31 19:31:36 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.31 18:24:56 | 000,052,882 | ---- | C] () -- C:\ComboFix.rar
[2012.08.31 18:17:44 | 000,078,040 | ---- | C] () -- C:\DeQuarantine.rar
[2012.08.31 14:10:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.08.31 14:10:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.08.31 14:10:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.08.31 14:10:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.08.31 14:10:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.08.31 07:32:30 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.08.29 12:32:39 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.08.28 10:34:43 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.27 09:35:19 | 000,007,607 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.08.23 20:34:46 | 000,001,090 | ---- | C] () -- C:\Users\***\Desktop\NetLimiter 3.lnk
[2012.08.23 20:24:25 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.08.22 01:00:26 | 000,001,211 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.08.14 16:56:42 | 000,002,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2012.08.14 14:11:19 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.14 14:11:08 | 001,202,688 | ---- | C] () -- C:\Windows\SysNative\ac3filter64.acm
[2012.08.14 14:11:08 | 000,965,120 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm
[2012.08.14 14:09:46 | 000,001,039 | ---- | C] () -- C:\Users\***\Desktop\KMPlayer.lnk
[2012.08.14 13:49:15 | 000,000,000 | ---- | C] () -- C:\Windows\graphedt.INI
[2012.08.03 07:36:29 | 000,001,764 | ---- | C] () -- C:\Users\***\Desktop\DAOrigins.lnk
[2012.07.16 22:05:54 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.07.16 22:05:54 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.07.16 22:05:45 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2012.07.16 18:28:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.11 18:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 18:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.06.01 13:45:02 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
========== LOP Check ==========
[2012.08.29 11:10:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DriverCure
[2012.08.28 09:36:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EurekaLog
[2012.08.29 20:24:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Free Download Manager
[2012.07.16 22:11:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FreePDF
[2012.07.16 20:21:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView
[2012.07.16 21:25:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2012.07.16 20:34:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2012.08.29 11:10:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SpeedyPC Software
[2012.08.24 01:07:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify
[2012.07.16 21:32:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2012.08.28 09:38:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,025,326 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 31.08.2012 21:04:56 - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,94 Gb Available Physical Memory | 74,30% Memory free
15,99 Gb Paging File | 13,56 Gb Available in Paging File | 84,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,37 Gb Total Space | 162,95 Gb Free Space | 68,36% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 280,23 Gb Free Space | 30,08% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 17,66 Gb Free Space | 1,90% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{073AC382-ABFC-4993-B562-CF2DA4EB00D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{07FDBFCC-0923-40E9-833E-2C8E36C95114}" = rport=138 | protocol=17 | dir=out | app=system |
"{085B64CB-F952-4F49-ABED-D848FE767105}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BC71F73-4718-4012-8793-A63013D0A31C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1C8C6391-3538-46E1-9077-D547C46DB7A1}" = lport=138 | protocol=17 | dir=in | app=system |
"{1E550B42-CDFB-400F-85EB-6EBB2352BC36}" = lport=137 | protocol=17 | dir=in | app=system |
"{23E1F73B-BEB5-474F-A892-26C0F09FF604}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CE86A1D-849A-4B5B-9A3D-83F0A084CFCF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2E2298C1-F26B-49AA-B6D5-2425CC8E372B}" = rport=139 | protocol=6 | dir=out | app=system |
"{37B33F02-8DC7-4852-8A23-BDB1028F2AD9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B590ED2-E222-4786-A89C-2B964740DB8B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{477F8B3A-0885-4969-AB6D-91DD2C8F7706}" = lport=445 | protocol=6 | dir=in | app=system |
"{694ABF03-55B6-4399-A1AA-959A3C1FEF20}" = rport=445 | protocol=6 | dir=out | app=system |
"{69E70D45-FFAA-416D-B36F-BDC08D87C97E}" = lport=139 | protocol=6 | dir=in | app=system |
"{715C85D5-1257-458B-8055-C0423BC55705}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79DDAEF2-7E50-4F26-AFCE-4EADE35BC1E4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8B6C48E3-35D5-4642-AEC3-18A59C311356}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A720DF12-8200-44C4-BC60-36D2AD8DD747}" = rport=137 | protocol=17 | dir=out | app=system |
"{A9FDD8B6-7010-4BAB-8579-1F7BD36E22D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C665BF13-23AB-4C65-B6BC-F2266A26906A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D6C7B62B-D678-4AF5-991A-A41C5BF532BD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A15C77-B1C8-4E3A-AB66-0552BB317EC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{048ABB42-8871-4E27-9B5C-EEB1BEE53A15}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{09FFAF8C-09C5-45CD-9598-0755B4DC7001}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B0B00A7-51C6-4491-B8B9-5DD8122D5D88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D311E50-739C-49D6-8E13-F21D0011CA93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0DF1BBEA-75FD-4C8B-8590-CD727B60EC54}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{0E1A7ED2-67C9-4243-A42B-1D35AF9028FD}" = protocol=6 | dir=in | app=e:\spiele\steam\steam.exe |
"{13EEC892-7076-401B-92D9-BD95B74284B8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1E564380-123D-4F95-AC96-E7F91790C7DF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1EF95C05-91C1-4EF5-A984-742F585B96B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{259740AF-4988-4651-88BC-7A71EF8C9D97}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{2610DA5C-AEE7-40A5-9D0E-3C983D7DF71B}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dawn of war ii - retribution\dow2.exe |
"{273A2067-F4A3-454F-ADEE-E89E6E09BEDF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{27F31972-AC76-44CF-8317-7472FE393191}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"{2C53F59C-1F82-44AD-8F70-68ED63B1DFB7}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{2DB33853-7C68-495E-B453-A63B46570947}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{34293F39-0867-4F0D-AD52-55201C315C5A}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dragon age ultimate edition\bin_ship\daupdatersvc.service.exe |
"{3530384F-9160-47A6-B84D-6D143B0F3DC7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{404B71E9-1595-47A9-A75D-8127CE449132}" = protocol=17 | dir=in | app=e:\spiele\steam\steam.exe |
"{44BCAF1C-4923-4D8B-A470-32B40397DBD9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{46C5C109-62FD-4128-B229-186891509EC1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{488274F5-F35D-4186-88D6-DA1080832AE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{52FF5BBB-3A38-4761-B2AE-6D79787A7D71}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5D046DBE-287E-440A-9095-9033A4E33B2E}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{5F5CB4DF-3036-40E2-B186-454425589447}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{666DCA64-1D6B-4BBA-B83D-B79C6F8E7715}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{70124F5E-2A18-4139-AAD2-6DF7B2A99217}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{79D7A777-DE57-4446-A453-7BBBAC981B20}" = protocol=6 | dir=out | app=system |
"{7A65CB6C-7A53-495F-B9BA-699CAC6C2357}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\dragon age ultimate edition\daoriginslauncher.exe |
"{7E056B6E-2A7E-4EFA-9378-9B96D271913A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{838AADD7-A1F6-46DD-B4BC-C1516A35381A}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{86DA817F-3626-46C2-8BB1-88E2A5D091C9}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{8AD51CC3-B9BB-425D-A59D-93FDADDEF4B2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{95C32ADA-1D17-40AC-A7DB-17955C982C95}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe |
"{AB9A4C44-4340-4D41-8891-7086195EDB54}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AC70D23E-7689-42BA-A337-EA87B9ABCFFD}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B50EB3BD-661C-4EB2-8538-B56AFCEE97D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C2E2B71C-4BBC-41D0-9229-253BFA4EBEC3}" = protocol=6 | dir=in | app=e:\spiele\steam\steamapps\common\magic 2013\dotp_d13.exe |
"{C4D03E05-B4C0-439D-A331-34D0F66B9102}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DCA51740-FE2D-4E63-A866-C673594CC244}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE9B008F-9EA1-4405-B45F-E5425B77C94D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E59E76C7-CEE4-4A52-8B4A-F06E886C0E02}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E8C0153A-8904-4DC9-BC5D-23EE13F9AADF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F325A0AC-0F4E-4363-8EB5-A23A0C657785}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7942B44-6BDA-4DD2-AB57-93461C0A94EE}" = protocol=17 | dir=in | app=e:\spiele\steam\steamapps\common\dragon age ultimate edition\bin_ship\daupdatersvc.service.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.2.4902 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{401E03EC-1644-1B0A-B8D3-C40477ADCEC4}" = AMD Drag and Drop Transcoding
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{936D0DCE-9C2A-7D4C-0E96-7D5B40206DD1}" = AMD Fuel
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"{BABA4667-CF82-B330-A8E5-6E8A09B2D911}" = AMD Accelerated Video Transcoding
"{CB500A52-1B84-CA65-BB07-D092FCE39E42}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GPL Ghostscript 9.04" = GPL Ghostscript
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Unlocker" = Unlocker 1.9.1-x64
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{3BB4634D-CEE5-7AB0-D78D-EA263389A8AB}" = AMD VISION Engine Control Center
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{74E9DD22-03B1-DE37-C677-4796ACECE6A7}" = CCC Help German
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 US
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C41E46F9-0F37-8379-E792-B323021FA4BB}" = Catalyst Control Center Localization All
"{E12ABE6F-830C-AE8F-29EA-76FEC5F2D376}" = Catalyst Control Center Graphics Previews Common
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"5513-1208-7298-9440" = JDownloader 0.9
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AudioCS" = Creative Audio-Systemsteuerung
"Console Launcher" = Creative Konsole Starter
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diablo III" = Diablo III
"DTS Connect Pack" = DTS Connect Pack
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Free Download Manager_is1" = Free Download Manager 3.9
"FreePDF_XP" = FreePDF (Remove only)
"Guild Wars 2" = Guild Wars 2
"HaaliMkx" = Haali Media Splitter
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Patrizier II Gold_is1" = Patrizier II Gold
"Steam App 201790" = Orcs Must Die! 2
"Steam App 440" = Team Fortress 2
"Steam App 47810" = Dragon Age: Origins - Ultimate Edition
"Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
"Steam App 730" = Counter-Strike: Global Offensive Beta
"Steam App 97330" = Magic: The Gathering - Duels of the Planeswalkers 2013
"The KMPlayer" = The KMPlayer (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2684858517-2524363210-3736746821-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.08.2012 04:53:06 | Computer Name = *** | Source = VSS | ID = 8193
Description =
Error - 29.08.2012 04:53:06 | Computer Name = *** | Source = System Restore | ID = 8193
Description =
Error - 29.08.2012 05:55:36 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 29.08.2012 18:45:18 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4f7e4d8c Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x660 Startzeit der fehlerhaften Anwendung: 0x01cd86170d60b69b
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
3473c39f-f22b-11e1-b863-00241dd5eaea
Error - 30.08.2012 06:17:18 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "e:\downloads\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.08.2012 19:20:00 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4f7e4d8c Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x640 Startzeit der fehlerhaften Anwendung: 0x01cd867bea2ccc3d
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
37dab549-f2f9-11e1-b482-00241dd5eaea
Error - 31.08.2012 02:32:55 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 31.08.2012 08:40:03 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4f7e4d8c Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x638 Startzeit der fehlerhaften Anwendung: 0x01cd873968e53e65
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
fbda6339-f368-11e1-bc54-00241dd5eaea
Error - 31.08.2012 12:11:56 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4f7e4d8c Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x68c Startzeit der fehlerhaften Anwendung: 0x01cd8775d6da7298
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
9563f919-f386-11e1-8136-00241dd5eaea
Error - 31.08.2012 13:53:51 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Fuel.Service.exe, Version: 1.0.0.0,
Zeitstempel: 0x4f7e4d8c Name des fehlerhaften Moduls: Device.dll, Version: 4.1.0.0,
Zeitstempel: 0x4f55e10b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000033c1
ID
des fehlerhaften Prozesses: 0x658 Startzeit der fehlerhaften Anwendung: 0x01cd879370f35e17
Pfad
der fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Berichtskennung:
d2383af2-f394-11e1-aec2-00241dd5eaea
[ System Events ]
Error - 31.08.2012 08:40:03 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 31.08.2012 08:40:45 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 31.08.2012 11:31:25 | Computer Name = *** | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Emsisoft Anti-Malware 6.6 - Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error - 31.08.2012 11:42:36 | Computer Name = *** | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 31.08.2012 11:44:17 | Computer Name = *** | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\schrauber\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 31.08.2012 11:44:17 | Computer Name = *** | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\schrauber\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 31.08.2012 12:11:52 | Computer Name = *** | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 31.08.2012 12:11:56 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 31.08.2012 12:12:39 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 31.08.2012 13:53:51 | Computer Name = *** | Source = Service Control Manager | ID = 7034
Description = Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
< End of report >