| |
| |||||||
Log-Analyse und Auswertung: Merkwürdiger/s Virus / ProgrammWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
31.05.2010, 04:21
| #1 |
| |  Merkwürdiger/s Virus / Programm Hey. Ich hab mal ein Programm von einem Kumpel bekomme welcher den Router resettet. Heut ist mein Kaspersky abgelaufen also hab ich mit Antivir geholt und schwups wurde was erkannt. Ich war skeptisch als lud ich es mal auf Virustotal hoch und Bäm da waren ein paar Treffer wie "High risk worm" etc. Also hab ich mal schnell ein HJT und OTL Log gemacht. BTW: Laut ihm sollte dieses Programm 100% Virenfrei sein. Aber da geh ich lieber auf Nummer sicher. Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:32:11, on 29.05.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\avmwlanstick\WLanGUI.exe C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\ICQ7.0\ICQ.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\TortoiseSVN\bin\TSVNCache.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Pivot Stickfigure Animator\pivot.exe C:\Program Files (x86)\Xfire\Xfire.exe C:\Windows\SysWOW64\conime.exe C:\Users\Schulz PC\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVMWlanClient] "C:\Program Files (x86)\avmwlanstick\wlangui.exe" O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [AVMFBoxMonitor] "C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8647 bytes und um Zeit zu sparen hier gleich mal ein OTL Wäre sehr dankbar für schnelle Hilfe  |
|
31.05.2010, 04:21
| #2 |
| | Merkwürdiger/s Virus / Programm Sorry für Doppelpost, aber laut der Website war er ca. 100 Zeichen zu groß
__________________ Also hier die OTL Logs [CODE] Code:
ATTFilter OTL logfile created on: 29.05.2010 23:36:57 - Run 1 OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Schulz PC\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 94,79 Gb Free Space | 40,70% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 556,13 Gb Total Space | 556,00 Gb Free Space | 99,98% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: SCHULZPC-PC Current User Name: Schulz PC Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Schulz PC\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net) PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe (AVM Berlin) PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) ========== Modules (SafeList) ========== MOD - C:\Users\Schulz PC\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Program Files (x86)\Xfire\xfire_toucan_42628.dll (Xfire Inc.) MOD - C:\Windows\SysWOW64\msvcr71.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\SysWOW64\wsock32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\Drivers\BTHport.sys (Microsoft Corporation) DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys (Microsoft Corporation) DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys (Microsoft Corporation) DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\Drivers\BTHUSB.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (UMPass) -- C:\Windows\SysNative\DRIVERS\umpass.sys (Microsoft Corporation) DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\DRIVERS\bthpan.sys (Microsoft Corporation) DRV:64bit: - (AmdLLD64) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (AMD, Inc.) DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (ATITool) -- C:\Windows\SysNative\DRIVERS\ATITool64.sys () DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "dict.cc Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.09 17:53:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.03 02:31:37 | 000,000,000 | ---D | M] [2009.11.15 19:51:00 | 000,000,000 | ---D | M] -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Extensions [2010.05.28 20:01:30 | 000,000,000 | ---D | M] -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions [2010.01.19 14:04:48 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} [2010.04.08 15:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2010.05.18 17:29:47 | 000,000,000 | ---D | M] (dict.cc Toolbar) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{3160baf9-cf68-48ec-9076-faed7ce49467} [2010.03.18 13:40:17 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2010.05.24 20:30:04 | 000,000,000 | ---D | M] (HypreCam Toolbar) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [2010.02.23 00:06:13 | 000,000,000 | ---D | M] (Power Twitter) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493} [2010.05.01 15:16:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.02.06 18:41:16 | 000,000,000 | ---D | M] -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\battlefieldheroespatcher@ea.com [2010.04.20 02:00:11 | 000,000,000 | ---D | M] -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\personas@christopher.beard [2010.05.22 00:37:26 | 000,000,000 | ---D | M] -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\twitternotifier@naan.net [2009.12.16 12:04:20 | 000,002,172 | ---- | M] () -- C:\Users\Schulz PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\bing.xml [2010.04.21 12:12:44 | 000,000,913 | ---- | M] () -- C:\Users\Schulz PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\conduit.xml [2010.05.29 17:08:17 | 000,000,944 | ---- | M] () -- C:\Users\Schulz PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\icqplugin.xml [2010.01.19 20:55:27 | 000,001,996 | ---- | M] () -- C:\Users\Schulz PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\suche-in-wikipedia.xml [2010.05.28 20:01:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.24 19:35:31 | 000,395,319 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 13653 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AVMFBoxMonitor] C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe (AVM Berlin) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Schulz PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Schulz PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.29 11:07:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.05.29 11:01:34 | 000,000,000 | ---D | C] -- C:\Users\Schulz PC\AppData\Roaming\Avira [2010.05.29 10:59:34 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010.05.29 10:59:34 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.05.29 10:59:34 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010.05.29 10:59:34 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010.05.29 10:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.05.29 10:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010.05.29 04:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pivot [2010.05.29 03:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pivot Stickfigure Animator [2010.05.27 17:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweetDeck [2010.05.27 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wisdom-soft AutoScreenRecorder 3 Free [2010.05.26 00:40:24 | 000,000,000 | ---D | C] -- C:\Users\Schulz PC\Documents\gegl-0.0 [2010.05.25 15:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server [2010.05.24 20:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HypreCam Toolbar [2010.05.24 20:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyCam2 [2010.05.24 19:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.05.24 19:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2010.05.21 19:07:31 | 000,000,000 | ---D | C] -- C:\Users\Schulz PC\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2010.05.21 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010.05.18 21:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Algodoo Phun Edition [2010.05.09 18:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PrettyMay [2010.05.08 14:31:45 | 000,000,000 | ---D | C] -- C:\Users\Schulz PC\Documents\ICQ [2010.05.08 12:58:14 | 000,000,000 | ---D | C] -- C:\Users\Schulz PC\Documents\random [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.29 23:37:01 | 006,553,600 | -HS- | M] () -- C:\Users\Schulz PC\NTUSER.DAT [2010.05.29 23:30:16 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{685A5B38-4429-4657-8E0D-2C702BBDFDD4}.job [2010.05.29 22:12:18 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.29 22:12:18 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.29 19:51:38 | 000,105,447 | ---- | M] () -- C:\Users\Schulz PC\Documents\gif xD.gif [2010.05.29 19:51:07 | 000,003,927 | ---- | M] () -- C:\Users\Schulz PC\Documents\gif xD.piv [2010.05.29 12:12:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.29 12:12:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.29 11:10:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.05.29 11:10:44 | 000,524,288 | -HS- | M] () -- C:\Users\Schulz PC\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010.05.29 11:10:44 | 000,065,536 | -HS- | M] () -- C:\Users\Schulz PC\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010.05.29 11:10:09 | 003,952,908 | -H-- | M] () -- C:\Users\Schulz PC\AppData\Local\IconCache.db [2010.05.29 10:59:50 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.29 10:46:42 | 000,059,120 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.29 10:44:56 | 000,264,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.05.29 04:53:59 | 000,110,684 | ---- | M] () -- C:\Users\Schulz PC\.recently-used.xbel [2010.05.29 04:04:38 | 000,005,881 | ---- | M] () -- C:\Users\Schulz PC\Documents\crap.piv [2010.05.29 03:57:40 | 000,115,355 | ---- | M] () -- C:\Users\Schulz PC\Documents\rofl.gif [2010.05.29 03:29:58 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk [2010.05.27 17:54:12 | 000,018,944 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.27 17:53:19 | 075,542,034 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0005.avi [2010.05.27 17:31:20 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\TweetDeck.lnk [2010.05.27 16:22:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010.05.26 20:07:34 | 817,101,088 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0004.avi [2010.05.26 13:06:51 | 000,007,052 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\d3d9caps.dat [2010.05.25 21:12:22 | 000,000,104 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Internet - Verknüpfung.lnk [2010.05.25 15:50:26 | 000,000,879 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk [2010.05.24 19:35:31 | 000,395,319 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.05.24 19:28:15 | 000,395,319 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100524-193531.backup [2010.05.20 20:25:31 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini [2010.05.19 13:12:22 | 001,447,804 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.19 13:12:22 | 000,628,672 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.19 13:12:22 | 000,595,748 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.19 13:12:22 | 000,127,400 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.19 13:12:22 | 000,105,078 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.18 21:44:01 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\Phun.lnk [2010.05.09 15:07:36 | 000,000,834 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Skype.lnk [2010.05.08 12:59:38 | 000,000,136 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Operation Flashpoint - Dragon Rising Demo - Verknüpfung.lnk [2010.05.07 21:52:46 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll [2010.05.07 21:52:46 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll [2010.04.30 07:55:49 | 000,292,974 | ---- | M] () -- C:\Users\Schulz PC\Desktop\bookmarks-2010-04-30.json [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.29 19:51:32 | 000,105,447 | ---- | C] () -- C:\Users\Schulz PC\Documents\gif xD.gif [2010.05.29 19:51:07 | 000,003,927 | ---- | C] () -- C:\Users\Schulz PC\Documents\gif xD.piv [2010.05.29 19:01:01 | 000,822,272 | -H-- | C] () -- C:\Users\Schulz PC\Desktop\Pivot 3.2 Beta Deutsch.exe [2010.05.29 10:59:50 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.29 04:53:59 | 000,110,684 | ---- | C] () -- C:\Users\Schulz PC\.recently-used.xbel [2010.05.29 04:04:38 | 000,005,881 | ---- | C] () -- C:\Users\Schulz PC\Documents\crap.piv [2010.05.29 03:57:40 | 000,115,355 | ---- | C] () -- C:\Users\Schulz PC\Documents\rofl.gif [2010.05.29 03:29:58 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk [2010.05.28 00:33:55 | 000,038,924 | ---- | C] () -- C:\Users\Schulz PC\Desktop\FerroRosso.ttf [2010.05.27 17:51:34 | 075,542,034 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0005.avi [2010.05.26 18:51:01 | 817,101,088 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0004.avi [2010.05.25 21:12:22 | 000,000,104 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Internet - Verknüpfung.lnk [2010.05.25 15:50:26 | 000,000,879 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk [2010.05.21 19:07:26 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\TweetDeck.lnk [2010.05.18 21:44:01 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\Phun.lnk [2010.05.09 18:43:58 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini [2010.05.09 15:07:36 | 000,000,834 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Skype.lnk [2010.05.08 12:59:38 | 000,000,136 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Operation Flashpoint - Dragon Rising Demo - Verknüpfung.lnk [2010.05.07 21:52:46 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010.05.07 21:52:46 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll [2010.04.30 07:55:49 | 000,292,974 | ---- | C] () -- C:\Users\Schulz PC\Desktop\bookmarks-2010-04-30.json [2009.11.16 19:50:24 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009.11.16 01:21:33 | 001,475,582 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.11.08 04:41:57 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.11.08 04:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Schulz PC\Documents\clip0005.avi:TOC.WMV < End of report > Code:
ATTFilter OTL Extras logfile created on: 29.05.2010 23:36:57 - Run 1
OTL by OldTimer - Version 3.2.5.1 Folder = C:\Users\Schulz PC\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 94,79 Gb Free Space | 40,70% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 556,13 Gb Total Space | 556,00 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SCHULZPC-PC
Current User Name: Schulz PC
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 1F 9D A4 7B 1F 60 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3301016802-1052793671-704723331-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA12EE5-9421-4A70-8D5F-D5881B69B8F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E9992CB-5B0D-44BB-B3F9-B32241C9B835}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1777C660-6BC7-4D41-9AB4-B18EC6AD4E9E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{18BD6522-FB3E-449C-BF85-C80BC2377C9E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1936381D-56A3-4057-888A-31D38EE252A1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E67520E-FC1B-4A60-9DC6-7E2D410B8443}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{250D026C-2C19-42D4-B31C-FD9B9A94158A}" = rport=10244 | protocol=6 | dir=out | app=system |
"{3DD3A43C-4A47-48D8-ACD2-BDF271B5FB64}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{423220E3-5F59-4765-9DD9-89CA18ECE634}" = lport=445 | protocol=6 | dir=in | app=system |
"{4A61DB61-3A76-47E0-BB79-04DBDF6A6A3B}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C520215-5D30-4143-9447-23D2E532DD31}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{4F166FC4-5433-47B0-BB4A-01785FC81D3B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{57C625BC-71D9-454B-9A6C-4E2165365BDA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{599B6AAF-BEA0-4D8B-B312-8217C3B79F69}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65389325-0A7E-4142-A918-D8E10855F6EE}" = lport=10244 | protocol=6 | dir=in | app=system |
"{65961C33-DCA3-442F-B375-B91A49B06088}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7029F6CC-411D-499E-B605-D249C6D5052C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{78AE6919-8B6A-4BD7-9566-DC2AF92DE52D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{837D0796-967D-46D5-AF09-E9CEB09631E8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8885A92B-9A0A-449E-B7A8-4608D6EC3971}" = lport=139 | protocol=6 | dir=in | app=system |
"{8DB6DC34-2A55-49C4-8E6B-D895B8E4914E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8F1EFEAB-FE28-49B9-B75E-16F1AE14F44E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FC71FCF-A383-4035-9991-214EC62F3EF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{9234C7B5-228C-4034-A01A-89578451F9C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A020E24-3D82-4114-95D9-D8CC66AF31D4}" = lport=3390 | protocol=6 | dir=in | app=system |
"{A23FDA72-F2E4-4992-BE42-7E08FE659B55}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B004C52E-7165-448F-87E2-34EC1010F2F9}" = rport=10244 | protocol=6 | dir=out | app=system |
"{B1B174C1-95F7-4911-9E13-A20BCA250CA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B227E55B-B104-4C4B-827D-CD90F39B2E7F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C41DC9A3-B3D8-4667-97C5-6C27AFDCCC26}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{CDF6559F-5248-4D47-A415-1E3364A23A0D}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D7F531FB-3F64-4C21-841E-FA56243B4A77}" = rport=138 | protocol=17 | dir=out | app=system |
"{E378FCB8-DAA7-4BAF-BDB9-19E4921A8420}" = lport=138 | protocol=17 | dir=in | app=system |
"{EB14E3C6-761B-4ED2-9A35-026D8847B4DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F21EDBB2-A002-4B49-A56E-00CC132A940D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FB5576D6-3A38-4102-BDC3-E42D2364DA6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B735FD-4EC7-444B-8372-D7CC6D061C4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{06F2A313-90C6-4AA9-ADF8-2B5EE8E68F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{09420C9D-B50C-4F25-8581-24DE79944DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{099B6FA8-489B-4EF0-8B0D-16D87AB84036}" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe |
"{0D281AAE-968F-47C9-B08F-912252702A4C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{12ECDC6F-0B53-4C30-A9BE-6156675384BB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{163B2B17-FA6E-4181-8935-10DE82F0598B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{17E27D84-805A-46FB-AE6F-9580A271E3A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1A96B60D-4A6A-436E-8831-C7B8D7CC01D3}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{1B361B57-FCF0-4209-8BC7-BB81A9A01E84}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{2141F537-C3B0-47CE-AE41-F0588B22E57D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\punny2061\day of defeat source\hl2.exe |
"{28CEDE76-5BA1-4276-8331-4352D759F37E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{2B814B16-7FAF-4851-9F98-97370C9DBA97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2DC03553-C8D9-49CC-8C16-2FB4A001D198}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{2F197313-EAA7-486B-93E5-C9CC8D43D08C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{37163A27-ACB1-486B-814A-1D12F0FD181E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{384AFEAD-73CA-40DE-ABA9-16AC036C9DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising demo\ofdr demo.exe |
"{3CEE9254-FAF8-4728-B1AC-3B08193B428D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{41CE9CBC-E8CD-46E7-BEB0-A98FC61C57C2}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{42566566-D454-4B17-A2E0-2B1BD883607B}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{434A21D6-1E84-42FE-96E2-8174A4A2A0BD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{46FB15CC-A1A3-4F4C-8FD4-321216232B13}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{49F87B6B-9B0C-4B1C-8A17-FC818A3FE6A2}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising demo\ofdr demo.exe |
"{50BC4A6E-FD38-4D63-9862-54BE59B87339}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{57107037-E536-49C3-A468-C945FF62FCE3}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{58F683E2-9012-42A6-9A8D-493AE4AB49B7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{6028B5C4-56AF-4AE9-8503-4F2841E8A811}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{6336ACDB-574E-4658-8C33-B40346DF9F60}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{65FB14C3-4914-447F-AF18-C3370558E080}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{66081308-2D9A-488B-A904-30898F4B45A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{66A41707-A02E-4E76-9D8F-4CAF14F0A5A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{680D8855-CA07-4CA0-9865-5E2647F5937B}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{68E43BA9-48FF-4325-832D-A3C18A8C60D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{7D6E803C-8F72-464D-B032-0B50A93C6A37}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{7EFFF005-517B-46F9-906A-04324CA68141}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{847A9836-0827-4E1A-89AF-9D16629756DF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{87A97E7E-CC5F-41AA-A6AE-89FE082D115B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{88AF6F3E-DF05-42A0-9534-2667EC747FAA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{925B837F-A0F3-4D47-A3A8-7793ED61D0F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{93B6B09A-D0B6-4760-921E-36C9006C5A42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{980D2E21-7B26-4AD9-8DDA-2E6C3540C0BA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{9B9CF07E-2567-481A-87C9-B0080B09C15E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{9BB0378A-2E7F-4ED8-A62F-066C8D4A4305}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{9F0B09CF-C15A-4051-B221-71D513B23CD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B49CEF5B-AECD-4C80-B80C-2ED225CAFB8D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B7BAE1D9-5039-4365-9257-611145CA6B96}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BD1B6AAA-EF2A-45CC-BA04-A4E4EEC1064B}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{C5AA5A57-4E52-4148-AF17-ECDA029CCE14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C8DE7322-AEE5-44F6-9A09-A9C79A620F68}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{CDF07E3E-F5F0-4A57-ACFF-B45E1BC46498}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt2 demo\dirt2.exe |
"{D3452B04-0663-425D-B196-8B09719327F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{D3831DE0-A443-4CFC-9F41-86C1CD1FAE8D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D59EE67F-89CB-4C55-8DD6-6F47D350A974}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{DAA58A1F-6013-48DC-8A07-BB2282751506}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{DAF5B9DA-EB99-40B1-8432-1A56FCA7B8F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{DD2C59A4-CA49-4593-8717-17DB03BE7337}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE013AB8-CE7A-4E16-902B-81B18B97BDEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E0C2493F-58EB-4922-AF42-66D7F1977D12}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\punny2061\day of defeat source\hl2.exe |
"{E16249F4-8CD1-4AAB-87D5-DC8644CC6346}" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe |
"{E3F556B8-9BD3-43B2-80AB-E20742DB78B6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E8A951D7-ADBA-4922-B4C5-73A7A8B26595}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{E91E794B-6169-44D5-B02B-BC4D3957C017}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{EF4A7E45-397D-453D-8799-197451B6A882}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt2 demo\dirt2.exe |
"{F03B3AF6-97F2-4638-9D30-903662813715}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{F5D8516B-5A3C-4E2C-A3AB-237FEFD36B86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{F984D2AE-4E95-4F98-B6E5-4FED1E2BD039}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{FBB50CD6-DA8C-43F8-AEC2-027861299D3A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"TCP Query User{A1075E99-35BB-4CB1-AE56-4831173514B5}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"TCP Query User{C0282ABF-E83A-4FBC-AA3D-55B0DAE391E4}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{F904B389-EAC0-4C5F-B574-5AEBC3F58B92}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{315BCFEB-1A58-40D7-8D4B-F7DE382AA762}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{68D7A782-1810-4B6E-804E-CD506E2F286A}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"UDP Query User{AA16D909-33ED-4131-84F0-C17CF45A5839}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E96FD88-FF86-25BB-112E-804C2F1B1128}" = ATI Catalyst Install Manager
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC2512D4-ED8A-4015-BF87-92478483C171}" = TortoiseSVN 1.6.6.17493 (64 bit)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B71779A7-9931-A01C-FE36-26D30133B3A1}" = ccc-utility64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07785343-2AA5-5493-2F7E-6828FD1BE825}" = CCC Help Polish
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F52FBBC-D076-9A9A-5A0F-FFC6D46361B0}" = Catalyst Control Center Graphics Previews Common
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}" = Nero 8 Essentials
"{1E132C9D-042E-E68D-9A85-5273085FBF75}" = Catalyst Control Center Graphics Full Existing
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.5
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{269FC1B2-92D3-1AA7-CC2E-E3BFB141ED08}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A9B8C94-2781-4B36-941E-CB37957DE0C0}_is1" = Xross Media Simulator 1.0
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C32C78B-877C-3552-7C8B-0D54EF06BFA3}" = CCC Help Hungarian
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{472D4D76-7C80-CADB-A3A4-0914E09F5BE8}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3E4DFA-6AC2-8E80-AF5C-DF34CC97FEA5}" = Catalyst Control Center HydraVision Full
"{4BD30961-6060-77DF-CA94-5EBB0C52177B}" = CCC Help Greek
"{4D3B92CA-7973-4D9E-BB93-52C705A473B6}" = OF Dragon Rising Demo
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CE8DE46-1D95-786A-A666-AAC564BC9200}" = TweetDeck
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F837C12-F45A-ADC7-DF59-3CF43C228226}" = ccc-core-static
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{662F7E0F-ED2A-6870-6F6A-EF99F424597C}" = CCC Help Spanish
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F7BC12B-33DB-728C-E3A6-410E3211E8A3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785740DF-DC05-F730-4309-09DDC7848A40}" = Catalyst Control Center Graphics Full New
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B68D39D-C167-DA59-587A-5143B0FF3458}" = Catalyst Control Center InstallProxy
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86925C00-AB04-17B3-D9FB-373943F39DE0}" = Catalyst Control Center Core Implementation
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B2585CB-0929-E56A-2508-A15FCEEF8B6B}" = CCC Help Portuguese
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{96173BCD-08AC-57B1-FCE3-E7A9018BE585}" = Catalyst Control Center Localization All
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C19FFB1-25FC-43FC-AC78-919E5E2A6DD0}" = TortoiseSVN 1.6.6.17493 (32 bit)
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AE04B8FC-4CD9-4A94-BE8F-C2434470FB11}" = DiRT2 Demo
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D42E3F13-E45C-33A1-7FBF-FB84419858E1}" = Catalyst Control Center Graphics Previews Vista
"{D70842BC-EDD5-7967-795F-E8CEFA8CC58D}" = CCC Help German
"{DCEBE43A-834D-67B5-306E-E95E9180D5B7}" = CCC Help English
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATITool" = ATITool Overclocking Utility
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battleground Europe: WWIIOL" = Battleground Europe: WWIIOL
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"HypreCam Toolbar" = HypreCam Toolbar
"ICQToolbar" = ICQ Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"Phun_is1" = Algodoo Phun edition v5.28
"Pivot 3.2 Beta Deutsch" = Pivot 3.2 Beta Deutsch
"Postal 2 Demo" = Postal 2 Demo
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"Steam App 17330" = Crysis Warhead
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.05.2010 08:53:20 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.05.2010 08:55:28 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 28.05.2010 21:28:51 | Computer Name = SchulzPC-PC | Source = MsiInstaller | ID = 11305
Description =
Error - 28.05.2010 21:28:59 | Computer Name = SchulzPC-PC | Source = MsiInstaller | ID = 11305
Description =
Error - 29.05.2010 04:45:42 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.05.2010 04:46:15 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 04:46:15 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 06:12:39 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.05.2010 06:15:48 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 06:15:49 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
[ Media Center Events ]
Error - 25.11.2009 14:23:32 | Computer Name = SchulzPC-PC | Source = McrMgr | ID = 109
Description =
Error - 10.03.2010 08:48:05 | Computer Name = SchulzPC-PC | Source = McrMgr | ID = 109
Description =
Error - 10.03.2010 13:53:27 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
Error - 10.03.2010 13:53:27 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 700
Description =
Error - 15.04.2010 06:48:29 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
Error - 15.04.2010 06:48:29 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 700
Description =
Error - 15.04.2010 06:50:28 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
[ System Events ]
Error - 20.04.2010 13:16:32 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 13:16:36 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:53:36 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:53:43 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:53:52 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:53:59 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:54:08 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:54:15 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:54:21 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 22:54:22 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
< End of report >
|
|
31.05.2010, 16:45
| #3 |
| | Merkwürdiger/s Virus / Programm Hab grad nochmal ein Malwarebyte Scan gemacht
__________________Code:
ATTFilter Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3539
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
31.05.2010 17:34:23
mbam-log-2010-05-31 (17-34-23).txt
Scan-Methode: Vollständiger Scan (C:\|G:\|)
Durchsuchte Objekte: 270991
Laufzeit: 1 hour(s), 3 minute(s), 33 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Adware.Ecobar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Adware.Ecobar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Adware.Ecobar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Adware.Ecobar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Adware.Ecobar) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Program Files (x86)\HypreCam Toolbar\tbhelper.dll (Adware.Ecobar) -> Quarantined and deleted successfully.
Und danach nochmal ein OTL Code:
ATTFilter TL logfile created on: 31.05.2010 17:36:23 - Run 2 OTL by OldTimer - Version 3.2.5.1 Folder = c:\Users\Schulz PC\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 232,88 Gb Total Space | 93,31 Gb Free Space | 40,07% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded Drive G: | 556,13 Gb Total Space | 556,00 Gb Free Space | 99,98% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ******PC-PC Current User Name: ****** PC Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - c:\Users\***** PC\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe (AVM Berlin) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) ========== Modules (SafeList) ========== MOD - c:\Users\***** PC\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys (Avira GmbH) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\Drivers\BTHport.sys (Microsoft Corporation) DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys (Microsoft Corporation) DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys (Microsoft Corporation) DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\Drivers\BTHUSB.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (UMPass) -- C:\Windows\SysNative\DRIVERS\umpass.sys (Microsoft Corporation) DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\DRIVERS\bthpan.sys (Microsoft Corporation) DRV:64bit: - (AmdLLD64) -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys (AMD, Inc.) DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\DRIVERS\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (ATITool) -- C:\Windows\SysNative\DRIVERS\ATITool64.sys () DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "dict.cc Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.36.0 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT65619&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.09 17:53:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.03 02:31:37 | 000,000,000 | ---D | M] [2009.11.15 19:51:00 | 000,000,000 | ---D | M] -- C:\Users\***** PC\AppData\Roaming\mozilla\Extensions [2010.05.31 06:21:05 | 000,000,000 | ---D | M] -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions [2010.01.19 14:04:48 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} [2010.04.08 15:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2010.05.18 17:29:47 | 000,000,000 | ---D | M] (dict.cc Toolbar) -- C:\Users\****** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{3160baf9-cf68-48ec-9076-faed7ce49467} [2010.03.18 13:40:17 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Schulz PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2010.05.24 20:30:04 | 000,000,000 | ---D | M] (HypreCam Toolbar) -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [2010.02.23 00:06:13 | 000,000,000 | ---D | M] (Power Twitter) -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493} [2010.05.01 15:16:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.02.06 18:41:16 | 000,000,000 | ---D | M] -- C:\Users\* PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\battlefieldheroespatcher@ea.com [2010.04.20 02:00:11 | 000,000,000 | ---D | M] -- C:\Users\*** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\personas@christopher.beard [2010.05.22 00:37:26 | 000,000,000 | ---D | M] -- C:\Users\**** PC\AppData\Roaming\mozilla\Firefox\Profiles\saulgl6c.default\extensions\twitternotifier@naan.net [2009.12.16 12:04:20 | 000,002,172 | ---- | M] () -- C:\Users\***** PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\bing.xml [2010.04.21 12:12:44 | 000,000,913 | ---- | M] () -- C:\Users\**** PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\conduit.xml [2010.05.29 17:08:17 | 000,000,944 | ---- | M] () -- C:\Users\**** PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\icqplugin.xml [2010.01.19 20:55:27 | 000,001,996 | ---- | M] () -- C:\Users\***** PC\AppData\Roaming\Mozilla\FireFox\Profiles\saulgl6c.default\searchplugins\suche-in-wikipedia.xml [2010.05.31 06:21:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.24 19:35:31 | 000,395,319 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 13653 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files (x86)\XfireXO\tbXfir.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AVMFBoxMonitor] C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe (AVM Berlin) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\****** PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\***** PC\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.31 06:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2010.05.31 06:02:53 | 000,000,000 | ---D | C] -- C:\Users\***** PC\Documents\My Games [2010.05.29 11:01:34 | 000,000,000 | ---D | C] -- C:\Users\****** PC\AppData\Roaming\Avira [2010.05.29 10:59:34 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010.05.29 10:59:34 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.05.29 10:59:34 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys [2010.05.29 10:59:34 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys [2010.05.29 10:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.05.29 10:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010.05.29 04:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pivot [2010.05.29 03:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pivot Stickfigure Animator [2010.05.27 17:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TweetDeck [2010.05.27 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wisdom-soft AutoScreenRecorder 3 Free [2010.05.26 00:40:24 | 000,000,000 | ---D | C] -- C:\Users\***** PC\Documents\gegl-0.0 [2010.05.25 15:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server [2010.05.24 20:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HypreCam Toolbar [2010.05.24 20:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyCam2 [2010.05.24 19:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.05.24 19:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2010.05.21 19:07:31 | 000,000,000 | ---D | C] -- C:\Users\****** PC\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2010.05.21 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010.05.18 21:43:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Algodoo Phun Edition [2010.05.09 18:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PrettyMay [2010.05.08 14:31:45 | 000,000,000 | ---D | C] -- C:\Users\***** PC\Documents\ICQ [2010.05.08 12:58:14 | 000,000,000 | ---D | C] -- C:\Users\***** PC\Documents\random [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.31 17:36:15 | 006,553,600 | -HS- | M] () -- C:\Users\***** PC\NTUSER.DAT [2010.05.31 17:30:49 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{685A5B38-4429-4657-8E0D-2C702BBDFDD4}.job [2010.05.31 17:28:19 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.31 17:28:19 | 000,004,112 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.31 16:37:27 | 000,018,944 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.31 15:28:34 | 000,007,052 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\d3d9caps.dat [2010.05.31 15:28:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.31 15:28:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.31 06:49:34 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.05.31 06:49:30 | 000,524,288 | -HS- | M] () -- C:\Users\Schulz PC\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2010.05.31 06:49:30 | 000,065,536 | -HS- | M] () -- C:\Users\Schulz PC\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2010.05.31 06:49:23 | 003,999,963 | -H-- | M] () -- C:\Users\Schulz PC\AppData\Local\IconCache.db [2010.05.31 06:21:17 | 000,001,732 | ---- | M] () -- C:\Users\Schulz PC\Desktop\CCleaner.lnk [2010.05.31 06:02:47 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2010.05.31 03:51:35 | 000,113,353 | ---- | M] () -- C:\Users\Schulz PC\.recently-used.xbel [2010.05.30 22:37:32 | 008,579,810 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0009.avi [2010.05.30 22:37:28 | 160,042,278 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0008.avi [2010.05.30 22:36:27 | 128,181,124 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0007.avi [2010.05.30 22:35:27 | 307,164,284 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0006.avi [2010.05.29 19:51:38 | 000,105,447 | ---- | M] () -- C:\Users\Schulz PC\Documents\gif xD.gif [2010.05.29 19:51:07 | 000,003,927 | ---- | M] () -- C:\Users\Schulz PC\Documents\gif xD.piv [2010.05.29 10:59:50 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.29 10:46:42 | 000,059,120 | ---- | M] () -- C:\Users\Schulz PC\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.29 10:44:56 | 000,264,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.05.29 04:04:38 | 000,005,881 | ---- | M] () -- C:\Users\Schulz PC\Documents\crap.piv [2010.05.29 03:57:40 | 000,115,355 | ---- | M] () -- C:\Users\Schulz PC\Documents\rofl.gif [2010.05.29 03:29:58 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk [2010.05.27 17:53:19 | 075,542,034 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0005.avi [2010.05.27 17:31:20 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\TweetDeck.lnk [2010.05.27 16:22:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010.05.26 20:07:34 | 817,101,088 | ---- | M] () -- C:\Users\Schulz PC\Documents\clip0004.avi [2010.05.25 21:12:22 | 000,000,104 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Internet - Verknüpfung.lnk [2010.05.25 15:50:26 | 000,000,879 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk [2010.05.24 19:35:31 | 000,395,319 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.05.24 19:28:15 | 000,395,319 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100524-193531.backup [2010.05.20 20:25:31 | 000,000,204 | ---- | M] () -- C:\Windows\struct~.ini [2010.05.19 13:12:22 | 001,447,804 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.19 13:12:22 | 000,628,672 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.19 13:12:22 | 000,595,748 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.19 13:12:22 | 000,127,400 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.19 13:12:22 | 000,105,078 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.18 21:44:01 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\Phun.lnk [2010.05.09 15:07:36 | 000,000,834 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Skype.lnk [2010.05.08 12:59:38 | 000,000,136 | ---- | M] () -- C:\Users\Schulz PC\Desktop\Operation Flashpoint - Dragon Rising Demo - Verknüpfung.lnk [2010.05.07 21:52:46 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll [2010.05.07 21:52:46 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.31 06:21:17 | 000,001,732 | ---- | C] () -- C:\Users\Schulz PC\Desktop\CCleaner.lnk [2010.05.31 03:51:35 | 000,113,353 | ---- | C] () -- C:\Users\Schulz PC\.recently-used.xbel [2010.05.30 22:37:28 | 008,579,810 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0009.avi [2010.05.30 22:36:27 | 160,042,278 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0008.avi [2010.05.30 22:35:37 | 128,181,124 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0007.avi [2010.05.30 22:33:24 | 307,164,284 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0006.avi [2010.05.29 19:51:32 | 000,105,447 | ---- | C] () -- C:\Users\Schulz PC\Documents\gif xD.gif [2010.05.29 19:51:07 | 000,003,927 | ---- | C] () -- C:\Users\Schulz PC\Documents\gif xD.piv [2010.05.29 19:01:01 | 000,822,272 | -H-- | C] () -- C:\Users\Schulz PC\Desktop\Pivot 3.2 Beta Deutsch.exe [2010.05.29 10:59:50 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.29 04:04:38 | 000,005,881 | ---- | C] () -- C:\Users\Schulz PC\Documents\crap.piv [2010.05.29 03:57:40 | 000,115,355 | ---- | C] () -- C:\Users\Schulz PC\Documents\rofl.gif [2010.05.29 03:29:58 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\Pivot Stickfigure Animator.lnk [2010.05.28 00:33:55 | 000,038,924 | ---- | C] () -- C:\Users\Schulz PC\Desktop\FerroRosso.ttf [2010.05.27 17:51:34 | 075,542,034 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0005.avi [2010.05.26 18:51:01 | 817,101,088 | ---- | C] () -- C:\Users\Schulz PC\Documents\clip0004.avi [2010.05.25 21:12:22 | 000,000,104 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Internet - Verknüpfung.lnk [2010.05.25 15:50:26 | 000,000,879 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk [2010.05.21 19:07:26 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\TweetDeck.lnk [2010.05.18 21:44:01 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\Phun.lnk [2010.05.09 18:43:58 | 000,000,204 | ---- | C] () -- C:\Windows\struct~.ini [2010.05.09 15:07:36 | 000,000,834 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Skype.lnk [2010.05.08 12:59:38 | 000,000,136 | ---- | C] () -- C:\Users\Schulz PC\Desktop\Operation Flashpoint - Dragon Rising Demo - Verknüpfung.lnk [2010.05.07 21:52:46 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010.05.07 21:52:46 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll [2009.11.16 19:50:24 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2009.11.16 01:21:33 | 001,475,582 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.11.08 04:41:57 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.11.08 04:41:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Schulz PC\Documents\clip0005.avi:TOC.WMV < End of report > Code:
ATTFilter OTL Extras logfile created on: 31.05.2010 17:36:23 - Run 2
OTL by OldTimer - Version 3.2.5.1 Folder = c:\Users\Schulz PC\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 93,31 Gb Free Space | 40,07% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 556,13 Gb Total Space | 556,00 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SCHULZPC-PC
Current User Name: Schulz PC
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 1F 9D A4 7B 1F 60 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3301016802-1052793671-704723331-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA12EE5-9421-4A70-8D5F-D5881B69B8F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E9992CB-5B0D-44BB-B3F9-B32241C9B835}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1777C660-6BC7-4D41-9AB4-B18EC6AD4E9E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{18BD6522-FB3E-449C-BF85-C80BC2377C9E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1936381D-56A3-4057-888A-31D38EE252A1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E67520E-FC1B-4A60-9DC6-7E2D410B8443}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{250D026C-2C19-42D4-B31C-FD9B9A94158A}" = rport=10244 | protocol=6 | dir=out | app=system |
"{3DD3A43C-4A47-48D8-ACD2-BDF271B5FB64}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{423220E3-5F59-4765-9DD9-89CA18ECE634}" = lport=445 | protocol=6 | dir=in | app=system |
"{4A61DB61-3A76-47E0-BB79-04DBDF6A6A3B}" = rport=139 | protocol=6 | dir=out | app=system |
"{4C520215-5D30-4143-9447-23D2E532DD31}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{4F166FC4-5433-47B0-BB4A-01785FC81D3B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{57C625BC-71D9-454B-9A6C-4E2165365BDA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{599B6AAF-BEA0-4D8B-B312-8217C3B79F69}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65389325-0A7E-4142-A918-D8E10855F6EE}" = lport=10244 | protocol=6 | dir=in | app=system |
"{65961C33-DCA3-442F-B375-B91A49B06088}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7029F6CC-411D-499E-B605-D249C6D5052C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{78AE6919-8B6A-4BD7-9566-DC2AF92DE52D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{837D0796-967D-46D5-AF09-E9CEB09631E8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8885A92B-9A0A-449E-B7A8-4608D6EC3971}" = lport=139 | protocol=6 | dir=in | app=system |
"{8DB6DC34-2A55-49C4-8E6B-D895B8E4914E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8F1EFEAB-FE28-49B9-B75E-16F1AE14F44E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FC71FCF-A383-4035-9991-214EC62F3EF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{9234C7B5-228C-4034-A01A-89578451F9C9}" = rport=445 | protocol=6 | dir=out | app=system |
"{9A020E24-3D82-4114-95D9-D8CC66AF31D4}" = lport=3390 | protocol=6 | dir=in | app=system |
"{A23FDA72-F2E4-4992-BE42-7E08FE659B55}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B004C52E-7165-448F-87E2-34EC1010F2F9}" = rport=10244 | protocol=6 | dir=out | app=system |
"{B1B174C1-95F7-4911-9E13-A20BCA250CA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B227E55B-B104-4C4B-827D-CD90F39B2E7F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C41DC9A3-B3D8-4667-97C5-6C27AFDCCC26}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{CDF6559F-5248-4D47-A415-1E3364A23A0D}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D7F531FB-3F64-4C21-841E-FA56243B4A77}" = rport=138 | protocol=17 | dir=out | app=system |
"{E378FCB8-DAA7-4BAF-BDB9-19E4921A8420}" = lport=138 | protocol=17 | dir=in | app=system |
"{EB14E3C6-761B-4ED2-9A35-026D8847B4DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F21EDBB2-A002-4B49-A56E-00CC132A940D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FB5576D6-3A38-4102-BDC3-E42D2364DA6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B735FD-4EC7-444B-8372-D7CC6D061C4C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{06F2A313-90C6-4AA9-ADF8-2B5EE8E68F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{09420C9D-B50C-4F25-8581-24DE79944DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{099B6FA8-489B-4EF0-8B0D-16D87AB84036}" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe |
"{0D281AAE-968F-47C9-B08F-912252702A4C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{12ECDC6F-0B53-4C30-A9BE-6156675384BB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{163B2B17-FA6E-4181-8935-10DE82F0598B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{17E27D84-805A-46FB-AE6F-9580A271E3A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1A96B60D-4A6A-436E-8831-C7B8D7CC01D3}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{1C2EC662-5C0A-4831-ABFB-C989C9EF4792}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{2141F537-C3B0-47CE-AE41-F0588B22E57D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\punny2061\day of defeat source\hl2.exe |
"{28CEDE76-5BA1-4276-8331-4352D759F37E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{2B814B16-7FAF-4851-9F98-97370C9DBA97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2DC03553-C8D9-49CC-8C16-2FB4A001D198}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{2F197313-EAA7-486B-93E5-C9CC8D43D08C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{37163A27-ACB1-486B-814A-1D12F0FD181E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{384AFEAD-73CA-40DE-ABA9-16AC036C9DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising demo\ofdr demo.exe |
"{3CEE9254-FAF8-4728-B1AC-3B08193B428D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{41CE9CBC-E8CD-46E7-BEB0-A98FC61C57C2}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{42566566-D454-4B17-A2E0-2B1BD883607B}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{434A21D6-1E84-42FE-96E2-8174A4A2A0BD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{46FB15CC-A1A3-4F4C-8FD4-321216232B13}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{49F87B6B-9B0C-4B1C-8A17-FC818A3FE6A2}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising demo\ofdr demo.exe |
"{50BC4A6E-FD38-4D63-9862-54BE59B87339}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{57107037-E536-49C3-A468-C945FF62FCE3}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{58F683E2-9012-42A6-9A8D-493AE4AB49B7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{6028B5C4-56AF-4AE9-8503-4F2841E8A811}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{6336ACDB-574E-4658-8C33-B40346DF9F60}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{65FB14C3-4914-447F-AF18-C3370558E080}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{66A41707-A02E-4E76-9D8F-4CAF14F0A5A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{680D8855-CA07-4CA0-9865-5E2647F5937B}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{68E43BA9-48FF-4325-832D-A3C18A8C60D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{7D6E803C-8F72-464D-B032-0B50A93C6A37}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{7EFFF005-517B-46F9-906A-04324CA68141}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{847A9836-0827-4E1A-89AF-9D16629756DF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{87A97E7E-CC5F-41AA-A6AE-89FE082D115B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{88AF6F3E-DF05-42A0-9534-2667EC747FAA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shattered_horizon\client_exe\shattered_horizon.exe |
"{8EC0D2FD-94D1-4A69-A3D0-B869626F458F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis\bin32\crysis.exe |
"{925B837F-A0F3-4D47-A3A8-7793ED61D0F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{93B6B09A-D0B6-4760-921E-36C9006C5A42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.0\aolload.exe |
"{980D2E21-7B26-4AD9-8DDA-2E6C3540C0BA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{9B9CF07E-2567-481A-87C9-B0080B09C15E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{9BB0378A-2E7F-4ED8-A62F-066C8D4A4305}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{9F0B09CF-C15A-4051-B221-71D513B23CD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B49CEF5B-AECD-4C80-B80C-2ED225CAFB8D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B7BAE1D9-5039-4365-9257-611145CA6B96}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BD1B6AAA-EF2A-45CC-BA04-A4E4EEC1064B}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{C5AA5A57-4E52-4148-AF17-ECDA029CCE14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C8DE7322-AEE5-44F6-9A09-A9C79A620F68}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{CDF07E3E-F5F0-4A57-ACFF-B45E1BC46498}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt2 demo\dirt2.exe |
"{D3452B04-0663-425D-B196-8B09719327F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\config.exe |
"{D3831DE0-A443-4CFC-9F41-86C1CD1FAE8D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D59EE67F-89CB-4C55-8DD6-6F47D350A974}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.0\icq.exe |
"{DAA58A1F-6013-48DC-8A07-BB2282751506}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\overlord\overlord.exe |
"{DAF5B9DA-EB99-40B1-8432-1A56FCA7B8F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{DD2C59A4-CA49-4593-8717-17DB03BE7337}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DE013AB8-CE7A-4E16-902B-81B18B97BDEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E0C2493F-58EB-4922-AF42-66D7F1977D12}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\punny2061\day of defeat source\hl2.exe |
"{E16249F4-8CD1-4AAB-87D5-DC8644CC6346}" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3 (lg)\binaries\ut3.exe |
"{E3F556B8-9BD3-43B2-80AB-E20742DB78B6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E8A951D7-ADBA-4922-B4C5-73A7A8B26595}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{E91E794B-6169-44D5-B02B-BC4D3957C017}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 demo\justcause2.exe |
"{EF4A7E45-397D-453D-8799-197451B6A882}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt2 demo\dirt2.exe |
"{F03B3AF6-97F2-4638-9D30-903662813715}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{F5D8516B-5A3C-4E2C-A3AB-237FEFD36B86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\crysis warhead\bin32\crysis.exe |
"{F984D2AE-4E95-4F98-B6E5-4FED1E2BD039}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{FBB50CD6-DA8C-43F8-AEC2-027861299D3A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"TCP Query User{A1075E99-35BB-4CB1-AE56-4831173514B5}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"TCP Query User{C0282ABF-E83A-4FBC-AA3D-55B0DAE391E4}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{CF02C94B-2AE9-40B0-AF23-1ADCAE096EFA}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"TCP Query User{F904B389-EAC0-4C5F-B574-5AEBC3F58B92}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{1368778F-65F2-4BC8-A693-2C52CD8BCA73}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{315BCFEB-1A58-40D7-8D4B-F7DE382AA762}C:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!box monitor\fritzboxmonitor.exe |
"UDP Query User{68D7A782-1810-4B6E-804E-CD506E2F286A}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"UDP Query User{AA16D909-33ED-4131-84F0-C17CF45A5839}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E96FD88-FF86-25BB-112E-804C2F1B1128}" = ATI Catalyst Install Manager
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC2512D4-ED8A-4015-BF87-92478483C171}" = TortoiseSVN 1.6.6.17493 (64 bit)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B71779A7-9931-A01C-FE36-26D30133B3A1}" = ccc-utility64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07785343-2AA5-5493-2F7E-6828FD1BE825}" = CCC Help Polish
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F52FBBC-D076-9A9A-5A0F-FFC6D46361B0}" = Catalyst Control Center Graphics Previews Common
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}" = Nero 8 Essentials
"{1E132C9D-042E-E68D-9A85-5273085FBF75}" = Catalyst Control Center Graphics Full Existing
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.5
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{269FC1B2-92D3-1AA7-CC2E-E3BFB141ED08}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A9B8C94-2781-4B36-941E-CB37957DE0C0}_is1" = Xross Media Simulator 1.0
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C32C78B-877C-3552-7C8B-0D54EF06BFA3}" = CCC Help Hungarian
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{472D4D76-7C80-CADB-A3A4-0914E09F5BE8}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3E4DFA-6AC2-8E80-AF5C-DF34CC97FEA5}" = Catalyst Control Center HydraVision Full
"{4BD30961-6060-77DF-CA94-5EBB0C52177B}" = CCC Help Greek
"{4D3B92CA-7973-4D9E-BB93-52C705A473B6}" = OF Dragon Rising Demo
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CE8DE46-1D95-786A-A666-AAC564BC9200}" = TweetDeck
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{5F837C12-F45A-ADC7-DF59-3CF43C228226}" = ccc-core-static
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{662F7E0F-ED2A-6870-6F6A-EF99F424597C}" = CCC Help Spanish
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F7BC12B-33DB-728C-E3A6-410E3211E8A3}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785740DF-DC05-F730-4309-09DDC7848A40}" = Catalyst Control Center Graphics Full New
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B68D39D-C167-DA59-587A-5143B0FF3458}" = Catalyst Control Center InstallProxy
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86925C00-AB04-17B3-D9FB-373943F39DE0}" = Catalyst Control Center Core Implementation
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B2585CB-0929-E56A-2508-A15FCEEF8B6B}" = CCC Help Portuguese
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{96173BCD-08AC-57B1-FCE3-E7A9018BE585}" = Catalyst Control Center Localization All
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C19FFB1-25FC-43FC-AC78-919E5E2A6DD0}" = TortoiseSVN 1.6.6.17493 (32 bit)
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AE04B8FC-4CD9-4A94-BE8F-C2434470FB11}" = DiRT2 Demo
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}" = WinZip 12.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{D42E3F13-E45C-33A1-7FBF-FB84419858E1}" = Catalyst Control Center Graphics Previews Vista
"{D70842BC-EDD5-7967-795F-E8CEFA8CC58D}" = CCC Help German
"{DCEBE43A-834D-67B5-306E-E95E9180D5B7}" = CCC Help English
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATITool" = ATITool Overclocking Utility
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battleground Europe: WWIIOL" = Battleground Europe: WWIIOL
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps (remove only)
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"HypreCam Toolbar" = HypreCam Toolbar
"ICQToolbar" = ICQ Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"Phun_is1" = Algodoo Phun edition v5.28
"Pivot 3.2 Beta Deutsch" = Pivot 3.2 Beta Deutsch
"Postal 2 Demo" = Postal 2 Demo
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 29.05.2010 04:45:42 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.05.2010 04:46:15 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 04:46:15 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 06:12:39 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.05.2010 06:15:48 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 29.05.2010 06:15:49 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 30.05.2010 10:37:41 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.05.2010 10:40:03 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Error - 31.05.2010 09:28:42 | Computer Name = SchulzPC-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.05.2010 09:29:33 | Computer Name = SchulzPC-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen Komponenten
sind: Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
[ Media Center Events ]
Error - 25.11.2009 14:23:32 | Computer Name = SchulzPC-PC | Source = McrMgr | ID = 109
Description =
Error - 10.03.2010 08:48:05 | Computer Name = SchulzPC-PC | Source = McrMgr | ID = 109
Description =
Error - 10.03.2010 13:53:27 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
Error - 10.03.2010 13:53:27 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 700
Description =
Error - 15.04.2010 06:48:29 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
Error - 15.04.2010 06:48:29 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 700
Description =
Error - 15.04.2010 06:50:28 | Computer Name = SchulzPC-PC | Source = ehReplay | ID = 701
Description =
[ System Events ]
Error - 19.04.2010 08:12:40 | Computer Name = SchulzPC-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001C4AF92C9C zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error - 19.04.2010 18:47:24 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 19.04.2010 18:47:25 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 08:53:16 | Computer Name = SchulzPC-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.04.2010 12:10:58 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 12:11:05 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 12:11:15 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 12:11:16 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 13:16:32 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
Error - 20.04.2010 13:16:36 | Computer Name = SchulzPC-PC | Source = FWLANUSB | ID = 5002
Description = AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters
wurde ermittelt.
< End of report >
|
|
| Themen zu Merkwürdiger/s Virus / Programm |
| 100%, antivir, antivir guard, avira, bho, desktop, firefox, hijack, hijackthis, internet, internet explorer, kaspersky, logfile, monitor, mozilla, otl log, plug-in, programm, rundll, safer networking, schnelle hilfe, security, software, stick, system, syswow64, virus, vista, windows |
Linear-Darstellung
