| |
| |||||||
Log-Analyse und Auswertung: Backdoor Virus: Maus zeigt permanent Hintergrundaktivität anWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.09.2011, 19:33
| #1 |
 |  Backdoor Virus: Maus zeigt permanent Hintergrundaktivität an Hallo seit einigen Tagen zeigt bei mir die Maus auch an, das permanent etwas im Hintergrund läuft. Da ich noch ein relativ neues System habe, ist es bei mir nicht so, das mein Computer sehr langsam ist, aber die CPU ist schon definitiv höher! wenn es noch möglich ist, würde ich lieber eine Systemreinigung durchführen, ansonsten werde ich wohl neuaufsetzten müssen. PS: irgend wie kann ich kein GMER Logfile posten, weil wenn ich das Tool durchlaufen lasse, kommt nach einer Zeit (ich glaube im Energiesparmodus) ein BlueScreen von Windows. Dann muss ich zwangsweise runterfahren und hab den Log nicht. Hier ein OTL log Code:
ATTFilter OTL logfile created on: 16.09.2011 20:15:11 - Run 1 OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Leo Maeser\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,13% Memory free 6,50 Gb Paging File | 5,15 Gb Available in Paging File | 79,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,66 Gb Total Space | 160,23 Gb Free Space | 34,41% Space Free | Partition Type: NTFS Computer Name: MMAESER-PC | User Name: Leo Maeser | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.09.16 20:11:12 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Leo Maeser\Desktop\OTL.exe PRC - [2011.07.07 12:31:38 | 000,424,264 | ---- | M] (Splashtop Inc.) -- C:\Programme\Splashtop\Splashtop Remote\Server\SRService.exe PRC - [2011.07.04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.05.20 07:56:26 | 000,439,744 | ---- | M] (PPLive Corporation) -- C:\Programme\Common Files\PPLiveNetwork\PPAP.exe PRC - [2011.04.12 14:48:26 | 002,023,280 | ---- | M] (皮皮科技) -- C:\pipi\jfCacheMgr.exe PRC - [2011.03.08 04:39:36 | 000,341,832 | ---- | M] (Splashtop Inc.) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe PRC - [2010.02.24 05:25:30 | 000,214,408 | ---- | M] (PPStream Inc) -- C:\Programme\PPStream\PPSAP.exe PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008.08.06 12:16:42 | 000,159,744 | ---- | M] (Linksys LLC - A Division of Cisco Systems) -- C:\Programme\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe PRC - [2008.06.26 14:52:42 | 000,204,800 | ---- | M] () -- C:\Programme\Linksys\Linksys Updater\bin\LinksysUpdater.exe PRC - [2008.05.16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Programme\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2008.05.16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Programme\Common Files\Pure Networks Shared\Platform\nmctxth.exe ========== Modules (No Company Name) ========== MOD - [2011.09.15 18:50:47 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll MOD - [2011.09.15 18:50:03 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll MOD - [2011.09.15 18:49:42 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll MOD - [2011.09.15 18:49:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll MOD - [2011.09.15 18:46:28 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll MOD - [2011.09.15 18:45:54 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll MOD - [2011.09.14 17:19:48 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll MOD - [2011.09.14 17:19:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll MOD - [2011.09.14 17:19:43 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll MOD - [2011.09.14 17:19:37 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll MOD - [2011.06.29 12:36:32 | 000,996,712 | ---- | M] () -- C:\Programme\Common Files\PPLiveNetwork\MngModule.dll MOD - [2011.03.02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.12.15 12:28:02 | 000,243,112 | ---- | M] () -- C:\Programme\Common Files\PPLiveNetwork\TipsClient.dll MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.09.20 07:07:14 | 000,516,864 | ---- | M] () -- C:\Programme\Common Files\PPLiveNetwork\sqlite3.dll MOD - [2010.09.20 07:06:58 | 000,143,720 | ---- | M] () -- C:\Programme\Common Files\PPLiveNetwork\kernel\FWUpnp.dll MOD - [2009.10.23 18:01:58 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2009.07.14 10:47:20 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2008.05.16 06:18:58 | 000,103,472 | ---- | M] () -- C:\Programme\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll MOD - [2008.05.16 06:18:58 | 000,038,960 | ---- | M] () -- C:\Programme\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (TSUSVC) SRV - [2011.09.11 07:52:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.08.01 21:14:32 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai) SRV - [2011.07.07 12:31:38 | 000,424,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService) SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2011.03.22 14:29:02 | 002,421,384 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV - [2011.03.08 04:39:36 | 000,341,832 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService) SRV - [2010.09.17 11:15:56 | 000,016,248 | ---- | M] (PIPI) [Auto | Stopped] -- C:\pipi\PIPIStartSvr.exe -- (PIPIStartSvr) SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008.06.26 14:52:42 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater) SRV - [2008.05.16 06:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) ========== Driver Services (SafeList) ========== DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.07.04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.02.23 08:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.02.25 16:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2010.01.29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Programme\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2009.12.08 14:13:56 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.10.18 09:46:32 | 000,015,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\mmaeser\AppData\Local\Temp\cportclm.sys -- (cportclm) DRV - [2009.06.19 12:59:10 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009.06.19 12:59:04 | 000,012,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009.06.19 12:59:02 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.09.17 12:13:50 | 000,027,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VL807.sys -- (VL807) DRV - [2008.09.17 12:13:50 | 000,018,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GWHid.sys -- (GWHid) DRV - [2008.05.16 06:10:32 | 000,024,888 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp) DRV - [2008.05.16 06:10:30 | 000,026,424 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.pplive.cn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B 05 57 97 00 13 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - Reg Error: No CLSID value found. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://go.microsoft.com/fwlink/?LinkId=69157" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leo Maeser\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leo Maeser\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Leo Maeser\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.08.30 08:47:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Users\mmaeser\Downloads\components [2011.07.30 20:55:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Users\mmaeser\Downloads\plugins [2011.07.30 20:55:17 | 000,000,000 | ---D | M] [2009.11.14 23:21:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leo Maeser\AppData\Roaming\Mozilla\Extensions [2011.08.20 19:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leo Maeser\AppData\Roaming\Mozilla\Firefox\Profiles\8b62no5h.default\extensions [2011.08.08 19:39:21 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Leo Maeser\AppData\Roaming\Mozilla\Firefox\Profiles\8b62no5h.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.08.20 19:40:12 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Community Toolbar) -- C:\Users\Leo Maeser\AppData\Roaming\Mozilla\Firefox\Profiles\8b62no5h.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} [2010.09.29 21:13:24 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Leo Maeser\AppData\Roaming\Mozilla\Firefox\Profiles\8b62no5h.default\extensions\support@predictad.com [2009.12.08 17:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.08.30 08:47:52 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF () (No name found) -- C:\USERS\LEO MAESER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8B62NO5H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2010.10.02 09:43:47 | 000,000,000 | ---D | M] (Java Console) -- C:\USERS\MMAESER\DOWNLOADS\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2009.12.31 17:28:21 | 000,000,000 | ---D | M] (Java Console) -- C:\USERS\MMAESER\DOWNLOADS\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [2010.06.23 17:14:29 | 000,000,000 | ---D | M] (Java Console) -- C:\USERS\MMAESER\DOWNLOADS\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} O1 HOSTS File: ([2011.09.16 14:50:08 | 000,000,268 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 vscan.novirusthanks.org O1 - Hosts: 127.0.0.1 host42.hrwebservices.net O1 - Hosts: 127.0.0.1 rdr2ps3.ms4.gamespy.com O1 - Hosts: 127.0.0.1 match.gta4ps3.gamespy.com O1 - Hosts: 127.0.0.1*.ms4.gamespy.com O1 - Hosts: 127.0.0.1 207.38.11.34 O1 - Hosts: 127.0.0.1 Owner-PC.gateway.2wire.net O2 - BHO: (PIPI Link Helper) - {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} - C:\pipi\JfCheck.dll (PIPI Tech.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (VDownloader Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [kwmusic] C:\Program Files\KWMUSIC\Kwmusic.exe (酷我科技) O4 - HKLM..\Run: [LELA] C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe (Linksys LLC - A Division of Cisco Systems) O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.) O4 - HKCU..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation) O4 - HKCU..\Run: [PPS Accelerator] C:\Programme\PPStream\PPSAP.exe (PPStream Inc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Leo Maeser\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Programme\PPLive\PPTV\PPLive.exe (PPLive Corporation) O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Programme\PPLive\PPTV\PPLive.exe (PPLive Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: pps.tv ([]http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: ppstream.com ([]http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: webscache.com ([]http in Vertrauenswürdige Sites) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.42.43.62 82.212.62.62 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{298F6D55-A949-42CE-AE55-68FEC6C98816}: DhcpNameServer = 78.42.43.62 82.212.62.62 O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Programme\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{36612598-bb1c-11de-a136-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{36612598-bb1c-11de-a136-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup\rsrc\Autorun.exe O33 - MountPoints2\{36612598-bb1c-11de-a136-806e6f6e6963}\Shell\dinstall\command - "" = D:\Directx\dxsetup.exe O33 - MountPoints2\{44f5f33d-9116-11e0-846e-0024212d43b3}\Shell - "" = AutoRun O33 - MountPoints2\{44f5f33d-9116-11e0-846e-0024212d43b3}\Shell\AutoRun\command - "" = J:\AutoRunCD.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {5N74Q260-OYX8-U818-B6X3-Y47D2B5UA1F4} - C:\Windows\install\svhost.exe Restart ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {APNWIN30-4OD2-K8GH-64J1-076IF1G7N12H} - C:\Windows\system32\system32\system.exe Restart ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.09.16 20:11:06 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Users\Leo Maeser\Desktop\OTL.exe [2011.09.16 15:46:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.09.16 15:46:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.09.16 14:51:51 | 002,563,808 | ---- | C] (Piriform Ltd) -- C:\Users\Leo Maeser\Desktop\ccsetup310_slim.exe [2011.09.16 14:47:40 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Leo Maeser\Desktop\HiJackThis204.exe [2011.09.14 16:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¿áÎÒÒôÀֺР2011 [2011.09.10 16:27:04 | 000,000,000 | ---D | C] -- C:\lang [2011.09.10 16:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2011.09.10 16:23:16 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\AppData\Local\RapidSolution [2011.09.10 16:11:38 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\Documents\StationRipper [2011.09.10 16:11:28 | 000,380,928 | ---- | C] (Ratajik Software) -- C:\Windows\System32\RSLSP.dll [2011.09.10 15:59:22 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\Documents\My Received Files [2011.09.10 15:57:05 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\AppData\Local\PackageAware [2011.09.02 13:07:12 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\Desktop\min [2011.09.01 22:05:47 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\Documents\Spiele [2011.09.01 21:05:02 | 000,000,000 | ---D | C] -- C:\Users\Leo Maeser\AppData\Local\Gas Powered Games [2010.08.11 14:39:39 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.09.16 20:12:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\multbp.cfg [2011.09.16 20:11:12 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Leo Maeser\Desktop\OTL.exe [2011.09.16 20:07:32 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.09.16 20:07:32 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.09.16 20:06:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.09.16 20:03:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983585111-2787362013-827882179-1006UA.job [2011.09.16 20:00:24 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.09.16 20:00:07 | 000,000,246 | ---- | M] () -- C:\Windows\tasks\PIPI_Update.job [2011.09.16 19:59:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.09.16 19:59:45 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys [2011.09.16 16:32:00 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983585111-2787362013-827882179-1003UA.job [2011.09.16 15:50:20 | 000,135,330 | ---- | M] () -- C:\Users\Leo Maeser\Documents\cc_20110916_155002.reg [2011.09.16 15:46:39 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.09.16 14:51:51 | 002,563,808 | ---- | M] (Piriform Ltd) -- C:\Users\Leo Maeser\Desktop\ccsetup310_slim.exe [2011.09.16 14:50:08 | 000,000,268 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.09.16 14:47:41 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Leo Maeser\Desktop\HiJackThis204.exe [2011.09.16 09:02:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983585111-2787362013-827882179-1006Core.job [2011.09.15 19:32:06 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983585111-2787362013-827882179-1003Core.job [2011.09.14 17:17:55 | 000,707,382 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.09.14 17:17:55 | 000,660,978 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.09.14 17:17:55 | 000,152,868 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.09.14 17:17:55 | 000,125,064 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.09.14 16:51:18 | 000,001,520 | ---- | M] () -- C:\Users\Public\Desktop\¿áÎÒÒôÀÖÎļþ¼Ð.lnk [2011.09.14 16:51:18 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\¿áÎÒÒôÀֺР2011.lnk [2011.09.09 21:52:43 | 003,601,433 | ---- | M] () -- C:\Users\Leo Maeser\Documents\Billy Talent - Devil on my Shoulder Official Video.mp3 [2011.09.09 21:16:14 | 001,732,201 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Blur Song 2.mp3 [2011.09.09 21:15:11 | 003,511,061 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Danza Kuduro (Canción con Letra).mp3 [2011.09.09 21:13:04 | 004,683,307 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Coolio gangster's paradise (Lyrics).mp3 [2011.09.09 21:12:32 | 004,156,278 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Diddy - Dirty Money - Coming Home (feat. Skylar Grey) Lyrics.mp3 [2011.09.09 21:11:16 | 003,286,035 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Far East Movement - Like a G6.mp3 [2011.09.09 21:10:42 | 003,400,631 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Caro Emerald - STUCK.mp3 [2011.09.09 21:10:18 | 004,647,167 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\David Guetta - Where Them Girls At ft. Nicki Minaj_ Flo Rida.mp3 [2011.09.09 21:09:12 | 002,482,860 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Caro Emerald - A Night Like This - Lyrics.mp3 [2011.09.09 21:08:46 | 002,350,265 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Do it like a dude - Jessie J - Lyrics.mp3 [2011.09.02 12:07:49 | 250,000,000 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\SC2-DP.part1.rar [2011.09.02 12:02:48 | 217,006,820 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\SC2-DP.part2.rar [2011.09.01 21:34:14 | 000,010,417 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Game.prefs [2011.09.01 20:38:01 | 000,143,815 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_US.scd [2011.09.01 20:15:59 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_cn.scd.enc [2011.09.01 20:15:36 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_kr.scd.enc [2011.09.01 20:14:02 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_star.scd.enc [2011.09.01 20:13:59 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_cz.scd.enc [2011.09.01 20:13:25 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_es.scd.enc [2011.09.01 20:12:45 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_fr.scd.enc [2011.09.01 20:12:36 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_jp.scd.enc [2011.09.01 20:12:23 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_us.scd.enc [2011.09.01 20:12:14 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_ja.scd.enc [2011.09.01 20:11:18 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_pl.scd.enc [2011.09.01 20:10:50 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_it.scd.enc [2011.09.01 20:10:46 | 000,000,044 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\loc_ru.scd.enc [2011.09.01 20:10:42 | 000,000,215 | ---- | M] () -- C:\Users\Leo Maeser\Desktop\Supreme Commander 2.url [2011.08.30 08:47:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.09.16 15:50:07 | 000,135,330 | ---- | C] () -- C:\Users\Leo Maeser\Documents\cc_20110916_155002.reg [2011.09.16 15:46:39 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.09.14 16:51:18 | 000,001,520 | ---- | C] () -- C:\Users\Public\Desktop\¿áÎÒÒôÀÖÎļþ¼Ð.lnk [2011.09.14 16:51:18 | 000,000,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¿áÎÒÒôÀֺР2011.lnk [2011.09.14 16:51:18 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\¿áÎÒÒôÀֺР2011.lnk [2011.09.09 20:07:13 | 001,732,201 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Blur Song 2.mp3 [2011.09.09 20:06:14 | 002,350,265 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Do it like a dude - Jessie J - Lyrics.mp3 [2011.09.09 19:52:46 | 004,156,278 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Diddy - Dirty Money - Coming Home (feat. Skylar Grey) Lyrics.mp3 [2011.09.09 19:18:24 | 003,286,035 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Far East Movement - Like a G6.mp3 [2011.09.09 16:42:23 | 004,683,307 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Coolio gangster's paradise (Lyrics).mp3 [2011.09.09 16:41:19 | 003,511,061 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Danza Kuduro (Canción con Letra).mp3 [2011.09.09 16:28:04 | 002,482,860 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Caro Emerald - A Night Like This - Lyrics.mp3 [2011.09.09 16:27:36 | 003,400,631 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Caro Emerald - STUCK.mp3 [2011.09.09 16:23:52 | 004,647,167 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\David Guetta - Where Them Girls At ft. Nicki Minaj_ Flo Rida.mp3 [2011.09.07 20:27:18 | 000,960,074 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Supreme_Commander_2_V1.250.exe [2011.09.02 12:09:30 | 465,792,349 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Supreme Commander 2 Deutsch Patch.exe [2011.09.02 12:04:26 | 250,000,000 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\SC2-DP.part1.rar [2011.09.02 12:00:19 | 217,006,820 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\SC2-DP.part2.rar [2011.09.01 21:05:54 | 000,010,417 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Game.prefs [2011.09.01 20:15:56 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_cn.scd.enc [2011.09.01 20:15:33 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_kr.scd.enc [2011.09.01 20:13:59 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_star.scd.enc [2011.09.01 20:13:56 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_cz.scd.enc [2011.09.01 20:13:22 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_es.scd.enc [2011.09.01 20:12:42 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_fr.scd.enc [2011.09.01 20:12:32 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_jp.scd.enc [2011.09.01 20:12:18 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_us.scd.enc [2011.09.01 20:12:10 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_ja.scd.enc [2011.09.01 20:11:14 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_pl.scd.enc [2011.09.01 20:10:46 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_it.scd.enc [2011.09.01 20:10:44 | 000,000,044 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_ru.scd.enc [2011.09.01 20:10:42 | 000,000,215 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\Supreme Commander 2.url [2011.09.01 20:07:27 | 000,143,815 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\loc_US.scd [2011.08.27 22:21:50 | 000,002,258 | ---- | C] () -- C:\Users\Leo Maeser\Desktop\swfoc_clone_wars_iii_mod.exe.lnk [2011.06.09 17:21:33 | 000,000,098 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Local\fusioncache.dat [2011.06.09 14:23:22 | 000,022,328 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Roaming\PnkBstrK.sys [2011.06.09 14:23:04 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2011.05.08 12:02:14 | 000,000,000 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Local\{114FC139-9298-4C18-8291-CF9901FB5232} [2011.05.01 21:15:04 | 000,007,634 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Local\Resmon.ResmonCfg [2011.04.28 21:59:47 | 000,001,226 | ---- | C] () -- C:\Windows\PIPIPlayer.INI [2011.04.28 10:54:42 | 000,709,992 | ---- | C] () -- C:\Windows\System32\kindling.dll [2011.04.26 17:07:34 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.04.26 17:07:21 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.04.26 17:07:17 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.04.21 14:14:24 | 000,000,157 | ---- | C] () -- C:\Windows\wininit.ini [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.03.12 23:23:20 | 000,000,000 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Roaming\chrtmp [2011.02.14 19:58:49 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010.08.14 13:05:52 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini [2010.06.02 15:12:55 | 000,027,184 | ---- | C] () -- C:\Windows\System32\drivers\VL807.sys [2010.06.02 15:12:30 | 000,064,048 | ---- | C] () -- C:\Windows\System32\Hidhlp.dll [2010.06.02 15:12:30 | 000,055,856 | ---- | C] () -- C:\Windows\System32\iFT7195.dll [2009.12.20 18:39:00 | 000,000,769 | ---- | C] () -- C:\Windows\Thps3.INI [2009.10.26 18:33:00 | 000,019,414 | ---- | C] () -- C:\Users\Leo Maeser\AppData\Roaming\UserTile.png [2009.07.14 10:47:43 | 000,707,382 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,152,868 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,291,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,660,978 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,125,064 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009.01.05 14:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe [2009.01.05 14:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini [2005.12.28 21:36:32 | 000,158,081 | -H-- | C] () -- C:\Users\Leo Maeser\AppData\Roaming\Leo Maeserlog.dat ========== LOP Check ========== [2011.08.02 20:37:18 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\.minecraft [2011.04.15 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Babylon [2011.09.16 15:48:54 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\DAEMON Tools Lite [2011.08.08 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\DVDVideoSoft [2011.08.08 19:39:21 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\DVDVideoSoftIEHelpers [2011.07.05 13:30:56 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\IObit [2011.04.26 17:04:53 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Leadertech [2011.07.03 13:35:01 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\LucasArts [2011.01.26 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Need for Speed World [2010.01.20 21:00:02 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\OpenOffice.org [2011.09.16 14:50:44 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\PIPI [2011.04.28 10:55:09 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\PPLive [2011.09.15 19:06:11 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\PPStream [2010.02.24 20:01:22 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Sierra [2011.06.29 16:32:00 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Splitscreen Studios [2011.04.28 10:00:06 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Tencent [2011.06.20 12:34:37 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\The Creative Assembly [2011.04.27 10:25:05 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\TuneUp Software [2011.03.03 16:20:59 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\Unity [2011.08.26 12:31:23 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\uTorrent [2010.08.11 14:39:52 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\VDownloader [2011.08.04 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\Leo Maeser\AppData\Roaming\WindSolutions [2011.09.16 20:00:07 | 000,000,246 | ---- | M] () -- C:\Windows\Tasks\PIPI_Update.job [2011.08.30 20:16:09 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.05.02 09:04:28 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.07.28 22:16:10 | 000,000,000 | ---D | M] -- C:\AeriaGames [2011.05.31 09:56:29 | 000,000,000 | ---D | M] -- C:\Archivos de programa [2010.09.17 15:29:28 | 000,000,000 | ---D | M] -- C:\ATI [2011.04.28 11:38:02 | 000,000,000 | ---D | M] -- C:\cache [2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.10.17 15:07:22 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.09.16 20:06:30 | 000,000,000 | ---D | M] -- C:\FavoriteVideo [2011.05.03 21:02:31 | 000,000,000 | ---D | M] -- C:\GTA [2011.04.28 09:50:36 | 000,000,000 | --SD | M] -- C:\KuaiwanGames [2011.04.19 20:36:09 | 000,000,000 | ---D | M] -- C:\KwDownload [2011.09.10 16:32:40 | 000,000,000 | ---D | M] -- C:\lang [2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.09.15 19:06:14 | 000,000,000 | ---D | M] -- C:\pipi [2011.08.18 07:51:09 | 000,000,000 | -H-D | M] -- C:\pipicache [2011.07.26 20:31:07 | 000,000,000 | ---D | M] -- C:\PPDownload [2011.09.16 15:46:36 | 000,000,000 | R--D | M] -- C:\Program Files [2011.09.11 07:50:26 | 000,000,000 | -H-D | M] -- C:\ProgramData [2009.10.17 15:07:22 | 000,000,000 | -HSD | M] -- C:\Programme [2011.01.04 13:16:49 | 000,000,000 | -HSD | M] -- C:\Recovery [2010.08.10 16:52:56 | 000,000,000 | ---D | M] -- C:\Sounds [2011.09.16 20:17:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.05.01 21:16:32 | 000,000,000 | ---D | M] -- C:\Users [2011.05.29 09:42:11 | 000,000,000 | ---D | M] -- C:\WIELAND [2011.09.16 19:07:19 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < MD5 for: EXPLORER.EXE > [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-16 12:44:21 < > ========== Files - Unicode (All) ========== (C:\Users\Leo Maeser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- C:\Users\Leo Maeser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 < End of report > Code:
ATTFilter OTL Extras logfile created on: 16.09.2011 20:15:11 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Leo Maeser\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,13% Memory free
6,50 Gb Paging File | 5,15 Gb Available in Paging File | 79,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 160,23 Gb Free Space | 34,41% Space Free | Partition Type: NTFS
Computer Name: MMAESER-PC | User Name: Leo Maeser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Users\mmaeser\Downloads\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [kwopen] -- "C:\Program Files\KWMUSIC\KwMusic.exe" \dir "%1" (酷我科技)
Directory [kwplaylist] -- "C:\Program Files\KWMUSIC\KwMusic.exe" \dirlist "%1" (酷我科技)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{10D4F38B-5436-4673-B861-F301929B373B}" = SL-6640 Black Widow Flightstick
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{284BD984-6E5C-4586-80A8-14D85E233497}" = Linksys EasyLink Advisor
"{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Activision(R)
"{2AB0360C-AB63-423C-9C4A-7079110CD17F}" = Global War on Terror Death Strike
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5612C844-55BC-4B77-82C2-A2E28962418E}" = Republic Heroes
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = Die Sims™ 2 Teen Style-Accessoires
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires
"{6592FDEC-2C1A-413A-9985-25FEC2F0848D}" = Star Wars Empire at War Forces of Corruption
"{6C0A6B81-0D00-453F-B220-E1F7931B3C2A}" = LEGO® Star Wars™ III: The Clone Wars™
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = Die Sims™ 2 IKEA® Home-Accessoires
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = Die Sims™ 2 H&M®-Fashion-Accessoires
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = DIE SIEDLER - Das Erbe der Könige
"{94A1911F-CD2F-4B9C-B171-2B43DCD213AA}" = Splashtop Remote
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = Die Sims™ 2 Deluxe
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = Die Sims™ 2: Glamour-Accessoires
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 2.10.509.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B49D66-618F-4D54-9C8F-C7F87A74229F}" = RK
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{C9507D0D-1A9C-486E-91D6-33A71CCA55F2}" = Pure Networks Platform
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = LG PC Suite III deinstallieren
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F59A3B93-6C1C-4C3E-BCC4-4897490E2963}" = LG Bluetooth Drivers
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Combat Flight Simulator 3.0" = Microsoft Combat Flight Simulator 3.0
"CyberGhost VPN_is1" = CyberGhost VPN
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"FT7195" = SPEEDLINK WASP2 USB Joystick
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"GooglePinyin2" = 谷歌拼音输入法 2.3
"Halo Trial" = Microsoft Halo Trial
"InstallShield_{10D4F38B-5436-4673-B861-F301929B373B}" = SL-6640 Black Widow Flightstick
"InstallShield_{284BD984-6E5C-4586-80A8-14D85E233497}" = Linksys EasyLink Advisor
"InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Transformers - Kampf um Cybertron
"InstallShield_{94A1911F-CD2F-4B9C-B171-2B43DCD213AA}" = Splashtop Remote
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"KwMusic" = ¿áÎÒÒôÀֺР2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaChecksum_is1" = MegaChecksum V1.3.0.2t
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.5.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)
"PIPI_is1" = PIPI 2.9.0.2
"PPLive" = PPTV V3.0.2.0011
"PunkBusterSvc" = PunkBuster Services
"QQSoftMgr" = QQ软件管理1.0 Beta3
"Steam App 10500" = Empire: Total War
"Steam App 107900" = War Inc. Battlezone
"Steam App 34030" = Napoleon: Total War
"Steam App 40100" = Supreme Commander 2
"Steam App 47870" = Need for Speed: Hot Pursuit
"Theme Park World" = Theme Park World
"TIPP10_is1" = TIPP10 Version 2.0.1
"Tony Hawk's Pro Skater 3®" = Tony Hawk's Pro Skater 3®
"UEAW v4 " = UEAW v4
"UltraISO_is1" = UltraISO Premium V9.36
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"WolfTeam-DE" = WolfTeam-DE
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"Google Chrome" = Google Chrome
"Pirate Galaxy" = Pirate Galaxy
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31.12.2010 06:38:22 | Computer Name = mmaeser-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 31.12.2010 06:38:22 | Computer Name = mmaeser-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Lock locking failure! mDNS_busy (1) !=
mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = SetNextQueryTime: Lock not held! mDNS_busy (2) mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = SetNextQueryTime: Lock not held! mDNS_busy (2) mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = SetNextQueryTime: Lock not held! mDNS_busy (2) mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = SetNextQueryTime: Lock not held! mDNS_busy (2) mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = SetNextQueryTime: Lock not held! mDNS_busy (2) mDNS_reentrancy (0)
Error - 31.12.2010 10:50:37 | Computer Name = mmaeser-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreMachineSleep: mDNS_Unlock locking failure! mDNS_busy (1) !=
mDNS_reentrancy (0)
Error - 31.12.2010 13:28:00 | Computer Name = mmaeser-PC | Source = EventSystem | ID = 4622
Description =
[ System Events ]
Error - 16.09.2011 13:07:16 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0024212D43B3", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:07:16 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0024212D43B3", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:07:17 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "00FF0F7333DE", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:07:17 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "00FF0F7333DE", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:07:30 | Computer Name = mmaeser-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Tencent Software Update Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 16.09.2011 13:59:46 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0024212D43B3", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:59:46 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0024212D43B3", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:59:46 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "00FF0F7333DE", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:59:46 | Computer Name = mmaeser-PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "00FF0F7333DE", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 16.09.2011 13:59:57 | Computer Name = mmaeser-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Tencent Software Update Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
< End of report >
 loxitane |
| Themen zu Backdoor Virus: Maus zeigt permanent Hintergrundaktivität an |
| 32-bit, 78.42.43.62, akamai, antivir, avira, backdoor, bho, black, bluescreen, bonjour, c:\windows\system32\rundll32.exe, ccsetup, computer, converter, cyberghost, energiesparmodus, error, firefox, galaxy, google chrome, helper, hijack, hijackthis, home, install.exe, langsam, logfile, maus, mp3, nvlddmkm.sys, plug-in, safer networking, scan, security, sehr langsam, server, software, start menu, studio, system, unlock, version=1.0, virus, webcheck |
Baum-Darstellung