| |
| |||||||
Alles rund um Windows: probleme mit FireFox 4, IE8 & SkypeWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
 |
13.04.2011, 22:04
| #1 |
| |  Problem: probleme mit FireFox 4, IE8 & Skype Hallo leute, ich habe seit heute das problem das mein FireFox 4 ständig einfriert (IE 8 ebenso), mein Skype sich plötzlich von allein "runterfährt" wenn ich es eine längere zeit minimiert habe, und das die systemwiederherstellung nicht mehr funktioniert?!?! und nach jedem pc neustart bekomme ich eine fehlermeldung über eine "cliprsv.exe" (screenshot im anhang) kann mir niemand helfen? |
|
14.04.2011, 10:51
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | probleme mit FireFox 4, IE8 & Skype Anleitung / Hilfe Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
15.04.2011, 05:35
| #3 |
| | probleme mit FireFox 4, IE8 & Skype Details Malewarebytes LOG:
__________________Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 15.04.2011 06:30:28 mbam-log-2011-04-15 (06-30-07).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 492799 Laufzeit: 6 Stunde(n), 48 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 8 Infizierte Registrierungswerte: 10 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 1 Infizierte Dateien: 9 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CLASSES_ROOT\linkrdr.AIEbho.1 (Trojan.Banker) -> No action taken. HKEY_CLASSES_ROOT\linkrdr.AIEbho (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> No action taken. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{F5E6C6DA-E1E0-2B9F-7CBB-E069673FBC3E} (Trojan.ZbotR.Gen) -> Value: {F5E6C6DA-E1E0-2B9F-7CBB-E069673FBC3E} -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\CmSTP (Trojan.Agent) -> Value: CmSTP -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\DllHst (Trojan.Downloader) -> Value: DllHst -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\SessMgr (Trojan.Agent) -> Value: SessMgr -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ComRepl (Trojan.Agent) -> Value: ComRepl -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\MstInit (Trojan.Agent) -> Value: MstInit -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Esent Utl (Trojan.Agent) -> Value: Esent Utl -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Spool (Trojan.Agent) -> Value: Spool -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\IEudinit (Trojan.Agent) -> Value: IEudinit -> No action taken. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Cisvc (Trojan.Rodecap) -> Value: Cisvc -> No action taken. Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (c:\windows\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,) Good: (userinit.exe) -> No action taken. Infizierte Verzeichnisse: c:\WINDOWS\system32\xmldm (Stolen.Data) -> No action taken. Infizierte Dateien: c:\WINDOWS\system32\acroiehelpe.dll (Trojan.Banker) -> No action taken. c:\WINDOWS\system32\srvblck2.tmp (Malware.Trace) -> No action taken. c:\WINDOWS\system32\acroiehelpe.txt (Malware.Trace) -> No action taken. c:\dokumente und einstellungen\christian philip\lokale einstellungen\Temp\0.4203577971872148.exe (Trojan.Dropper) -> No action taken. c:\WINDOWS\system\spoolsv.exe (Trojan.Agent) -> No action taken. c:\WINDOWS\system32\xmldm\iexplore.exe_uas001.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\iexplore.exe_uas002.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\_UAs001.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\_UAs002.dat (Stolen.Data) -> No action taken. und die Logs von OTL kommen danach Geändert von Bochum (15.04.2011 um 05:51 Uhr) |
|
15.04.2011, 05:52
| #4 |
| | Lösung: probleme mit FireFox 4, IE8 & Skype OTL Logs:OTL Logfile: Code:
ATTFilter OTL logfile created on: 15.04.2011 06:43:01 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\Christian Philip\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 1,00 Gb Available in Paging File | 34,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,09 Gb Total Space | 16,35 Gb Free Space | 5,48% Space Free | Partition Type: NTFS Drive D: | 1,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 188,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: XONEBO | User Name: Christian Philip | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Christian Philip\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security Toolbar Antiphishing\panda2_0dn.exe (Panda Security) PRC - C:\Programme\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.) PRC - C:\Programme\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Logitech\Profiler\LWEMon.exe (Logitech Inc.) PRC - C:\Programme\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.) PRC - C:\WINDOWS\system32\lxcgcoms.exe () PRC - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Christian Philip\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security Toolbar Antiphishing\panda2_0dn.dll (Panda Security) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- File not found SRV - (AppMgmt) -- File not found SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (NanoServiceMain) -- C:\Programme\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.) SRV - (avg9wd) -- C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Hamachi2Svc) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (lxcg_device) -- C:\WINDOWS\System32\lxcgcoms.exe () SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (UleadBurningHelper) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.) DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.) DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.) DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.) DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.) DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (RkPavproc1) -- C:\WINDOWS\system32\drivers\RkPavproc1.sys (Panda Security, S.L.) DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation) DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys () DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative) DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (w200obex) -- C:\WINDOWS\system32\drivers\w200obex.sys (MCCI) DRV - (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\w200mgmt.sys (MCCI) DRV - (w200mdm) -- C:\WINDOWS\system32\drivers\w200mdm.sys (MCCI) DRV - (w200mdfl) -- C:\WINDOWS\system32\drivers\w200mdfl.sys (MCCI) DRV - (w200bus) Sony Ericsson W200 driver (WDM) -- C:\WINDOWS\system32\drivers\w200bus.sys (MCCI) DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.) DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.) DRV - (WmHidLo) -- C:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.) DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.) DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.) DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 C9 79 26 A3 EC CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://google.mini20.com IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\prxtbMes2.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872 FF - prefs.js..extensions.enabledItems: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4}:3.2.5.2 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15 FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0 FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:1.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programme\AVG\AVG9\Firefox [2010.11.24 18:03:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\widgetruntime@surfsecret.com: C:\Programme\Panda Security\Panda ID Protect\Firefox [2010.07.25 12:04:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\5015 [2011.04.12 11:46:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.04.13 21:57:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.04.14 08:33:40 | 000,000,000 | ---D | M] [2008.12.02 05:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Extensions [2011.04.08 14:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions [2009.09.05 12:44:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.29 07:50:43 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Community Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280} [2011.03.29 07:51:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011.03.29 07:51:11 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} [2011.04.08 14:24:48 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.03.29 07:51:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.04 10:40:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.07.25 12:03:26 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2011.03.29 07:51:50 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.03.29 07:50:22 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\extensions\engine@conduit.com [2011.04.13 08:05:24 | 000,001,713 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\searchplugins\Ask.xml [2011.03.21 01:39:46 | 000,000,873 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\searchplugins\conduit.xml [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\searchplugins\icqplugin.xml [2011.04.13 08:05:24 | 000,001,759 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Mozilla\Firefox\Profiles\qyxnmpr9.default\searchplugins\live-search.xml [2011.04.14 13:09:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.06.20 10:52:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.04.14 08:33:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2011.04.14 08:33:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011.04.12 11:46:29 | 000,000,000 | ---D | M] (Java String Helper) -- C:\WINDOWS\SYSTEM32\5015 [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.04.14 08:33:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\prxtbMes2.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Programme\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O2 - BHO: (Adobe PDF Reader Link Helper) - {C689C99E-3A8C-4c87-A79C-C80DC9C81632} - C:\WINDOWS\system32\AcroIEHelpe.dll (Adobe Systems, Incorporated) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\prxtbMes2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Programme\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Programme\Messenger_Plus_Live_Germany\prxtbMes2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EzPrint] C:\Programme\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [FaxCenterServer] C:\Programme\Lexmark Fax Solutions\fm3032.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LXCGCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL () O4 - HKLM..\Run: [lxcgmon.exe] C:\Programme\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] File not found O4 - HKLM..\Run: [Panda Security Toolbar Antiphishing] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security Toolbar Antiphishing\panda2_0dn.exe (Panda Security) O4 - HKLM..\Run: [PSUNMain] C:\Programme\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [{F5E6C6DA-E1E0-2B9F-7CBB-E069673FBC3E}] File not found O4 - HKCU..\Run: [Aim] C:\Programme\AIM\aim.exe (AOL Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: CmSTP = C:\DOKUME~1\CHRIST~1\ANWEND~1\MICROS~1\cmstp.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: DllHst = C:\Dokumente und Einstellungen\Christian Philip\LOCALS~1\APPLIC~1\dllhst3g.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: SessMgr = C:\WINDOWS\sessmgr.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: ComRepl = C:\WINDOWS\System\comrepl.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Mstsc = C:\DOKUME~1\CHRIST~1\ANWEND~1\MICROS~1\mstsc.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: MstInit = C:\Dokumente und Einstellungen\Christian Philip\LOCALS~1\APPLIC~1\MICROS~1\mstinit.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Cisvc = C:\Dokumente und Einstellungen\Christian Philip\LOCALS~1\APPLIC~1\cisvc.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Esent Utl = C:\WINDOWS\System\esentutl.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Spool = C:\DOKUME~1\CHRIST~1\ANWEND~1\spoolsv.exe /waitservice O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: IEudinit = C:\Dokumente und Einstellungen\Christian Philip\LOCALS~1\APPLIC~1\MICROS~1\ieudinit.exe /waitservice O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1228177323 (Image Uploader Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227108497578 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.182 80.69.100.230 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe () O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.02.09 12:22:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.01.09 13:08:08 | 000,000,051 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2003.08.25 02:07:10 | 000,000,053 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.14 15:04:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.04.14 15:04:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.04.14 15:04:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.04.14 15:04:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.14 15:04:02 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\OTL.exe [2011.04.14 09:31:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\Uniblue [2011.04.14 09:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue [2011.04.14 09:30:52 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [2011.04.14 09:30:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue [2011.04.14 09:30:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\PackageAware [2011.04.14 08:34:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2011.04.14 08:33:40 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011.04.14 08:33:40 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011.04.14 08:33:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011.04.14 08:33:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011.04.14 07:57:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2011.04.14 07:57:02 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011.04.13 22:17:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2011.04.13 22:17:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Security Task Manager [2011.04.13 22:17:15 | 000,000,000 | ---D | C] -- C:\Programme\Security Task Manager [2011.04.13 08:05:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\IO [2011.04.12 22:51:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs [2011.04.12 11:46:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\5015 [2011.04.12 11:46:26 | 000,236,496 | ---- | C] (Adobe Systems, Incorporated) -- C:\WINDOWS\System32\AcroIEHelpe.dll [2011.04.12 11:46:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm [2011.04.12 11:46:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock [2011.04.11 09:31:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\acccore [2011.04.11 09:31:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\AIM [2011.04.11 09:31:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\AOL [2011.04.11 09:30:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AIM [2011.04.11 09:30:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AIM [2011.04.11 09:30:50 | 000,000,000 | ---D | C] -- C:\Programme\AIM [2011.04.11 09:30:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Software Update Utility [2011.04.11 09:30:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\AOL [2011.04.08 14:25:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ICQ7.4 [2011.04.08 14:25:05 | 000,000,000 | ---D | C] -- C:\Programme\ICQ6Toolbar [2011.04.08 14:24:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.04.08 14:21:41 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4 [2011.04.02 04:14:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\r620 [2011.04.01 22:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\18 WoS Haulin [2011.04.01 22:13:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Startmenü\Programme\18 Wheels of Steel Haulin [2011.04.01 22:13:14 | 000,000,000 | ---D | C] -- C:\Programme\18 Wheels of Steel Haulin [2011.03.31 06:50:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Download Toolz [2011.03.31 06:50:15 | 000,000,000 | ---D | C] -- C:\Programme\DownloadToolz [2011.03.29 19:31:07 | 000,017,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\RkPavproc1.sys [2011.03.28 14:44:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\18WoS mods [2011.03.28 14:34:35 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2011.03.28 10:41:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Christian Philip\Recent [2011.03.28 10:07:05 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2011.03.20 23:02:13 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB [2010.06.02 06:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.14 17:18:55 | 074,612,961 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2011.04.14 16:57:52 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2011.04.14 15:04:57 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.14 15:04:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\OTL.exe [2011.04.14 13:15:04 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011.04.14 13:10:41 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2011.04.14 13:10:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.04.14 13:10:05 | 1878,249,472 | -HS- | M] () -- C:\hiberfil.sys [2011.04.14 09:31:02 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job [2011.04.14 09:30:58 | 000,001,716 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Uniblue RegistryBooster.lnk [2011.04.14 08:33:24 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011.04.14 08:33:24 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011.04.14 08:33:24 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2011.04.14 08:33:24 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2011.04.14 08:33:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2011.04.13 23:02:49 | 000,189,082 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\fehlermeldung.JPG [2011.04.13 22:26:11 | 000,494,590 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.04.13 22:26:11 | 000,471,290 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.04.13 22:26:11 | 000,098,254 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.04.13 22:26:11 | 000,082,604 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.04.13 22:16:50 | 002,057,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\SecurityTaskManager_Setup.exe [2011.04.13 22:07:10 | 003,932,214 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\fehlermeldung.bmp [2011.04.13 08:11:23 | 000,000,610 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Xfire.lnk [2011.04.12 22:46:03 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.04.12 11:46:26 | 000,236,496 | ---- | M] (Adobe Systems, Incorporated) -- C:\WINDOWS\System32\AcroIEHelpe.dll [2011.04.12 11:46:03 | 000,046,312 | RHS- | M] () -- C:\WINDOWS\System32\appconf32.exe [2011.04.11 09:31:08 | 000,000,469 | -H-- | M] () -- C:\IPH.PH [2011.04.11 09:30:58 | 000,001,536 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AIM.lnk [2011.04.10 07:07:41 | 001,965,541 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\2.wmv [2011.04.09 13:12:48 | 000,204,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.09 06:55:47 | 000,000,719 | ---- | M] () -- C:\cookies [2011.04.08 14:25:06 | 000,001,451 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.4.lnk [2011.04.08 13:32:12 | 000,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll [2011.04.08 10:49:22 | 000,000,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\fahrtenbuch.rtf [2011.04.03 10:05:37 | 000,057,601 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\01-28 Feb Haulin.jpg [2011.04.01 22:47:08 | 005,799,678 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\Mando Diao - Dance With Somebody (Official Video)(1).mp3 [2011.04.01 22:13:39 | 000,000,837 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\18 Wheels of Steel Haulin.lnk [2011.04.01 06:19:37 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\DVDVideoSoft Free Studio.lnk [2011.04.01 06:19:18 | 000,000,937 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\Free YouTube Download.lnk [2011.03.31 21:42:56 | 000,010,275 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mefordrea2.jpg [2011.03.31 21:34:19 | 000,008,565 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mefordrea.jpg [2011.03.30 07:44:38 | 005,257,334 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\haulin-MAN-TGX-BDF.rar [2011.03.28 14:34:35 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2011.03.28 14:34:31 | 000,001,577 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk [2011.03.28 12:46:36 | 000,002,968 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\33401521916d5b086adf975d0d143d40.dlc [2011.03.28 12:04:42 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2011.03.28 10:07:09 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.03.28 04:30:12 | 000,010,553 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\.recently-used.xbel [2011.03.27 19:44:40 | 000,109,895 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\tailpepi.jpg [2011.03.27 00:41:17 | 000,013,778 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mehandy2.jpg [2011.03.24 02:44:48 | 000,017,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.14 15:04:57 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.14 09:31:02 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\RegistryBooster.job [2011.04.14 09:30:58 | 000,001,716 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Uniblue RegistryBooster.lnk [2011.04.13 23:02:48 | 000,189,082 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\fehlermeldung.JPG [2011.04.13 22:16:48 | 002,057,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\SecurityTaskManager_Setup.exe [2011.04.13 22:07:10 | 003,932,214 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\fehlermeldung.bmp [2011.04.12 11:46:06 | 000,046,312 | RHS- | C] () -- C:\WINDOWS\System32\appconf32.exe [2011.04.11 09:30:58 | 000,001,536 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AIM.lnk [2011.04.11 09:30:15 | 000,000,469 | -H-- | C] () -- C:\IPH.PH [2011.04.10 07:03:43 | 001,965,541 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\2.wmv [2011.04.08 14:25:06 | 000,001,451 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.4.lnk [2011.04.08 13:32:12 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2011.04.03 10:05:36 | 000,057,601 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\01-28 Feb Haulin.jpg [2011.04.01 22:13:39 | 000,000,837 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\18 Wheels of Steel Haulin.lnk [2011.04.01 06:19:18 | 000,000,937 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\Free YouTube Download.lnk [2011.03.31 21:42:55 | 000,010,275 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mefordrea2.jpg [2011.03.31 07:05:31 | 005,799,678 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\Mando Diao - Dance With Somebody (Official Video)(1).mp3 [2011.03.30 07:44:15 | 005,257,334 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\haulin-MAN-TGX-BDF.rar [2011.03.28 14:34:31 | 000,001,577 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk [2011.03.28 12:46:36 | 000,002,968 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\33401521916d5b086adf975d0d143d40.dlc [2011.03.28 12:04:42 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk [2011.03.28 10:07:09 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.03.28 04:30:12 | 000,010,553 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\.recently-used.xbel [2011.03.27 19:44:28 | 000,109,895 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\tailpepi.jpg [2011.03.27 00:41:16 | 000,013,778 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mehandy2.jpg [2011.03.27 00:41:16 | 000,008,565 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Desktop\mefordrea.jpg [2010.12.26 20:30:27 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [2010.09.11 19:04:36 | 000,104,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Anwendungsdaten\PandaIDProtectHelp_de.chm [2010.08.02 09:25:08 | 000,000,116 | ---- | C] () -- C:\WINDOWS\wininit.ini [2010.07.25 12:03:05 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat [2010.07.10 15:28:29 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010.06.02 06:22:54 | 001,412,902 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab [2010.06.02 06:22:54 | 001,127,217 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab [2010.06.02 06:22:54 | 000,273,960 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x64.cab [2010.06.02 06:22:54 | 000,272,611 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x86.cab [2010.06.02 06:22:54 | 000,182,361 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab [2010.06.02 06:22:54 | 000,138,017 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab [2010.06.02 06:22:54 | 000,086,037 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab [2010.06.02 06:22:54 | 000,045,359 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab [2010.06.02 06:22:52 | 001,906,878 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x64.cab [2010.06.02 06:22:52 | 001,550,796 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x86.cab [2010.06.02 06:22:52 | 000,965,421 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x86.cab [2010.06.02 06:22:52 | 000,121,794 | ---- | C] () -- C:\Programme\Nov2008_XACT_x64.cab [2010.06.02 06:22:52 | 000,092,684 | ---- | C] () -- C:\Programme\Nov2008_XACT_x86.cab [2010.06.02 06:22:52 | 000,054,522 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x64.cab [2010.06.02 06:22:52 | 000,021,851 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x86.cab [2010.06.02 06:22:50 | 000,994,154 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x64.cab [2010.06.02 06:22:50 | 000,196,762 | ---- | C] () -- C:\Programme\NOV2007_XACT_x64.cab [2010.06.02 06:22:50 | 000,148,264 | ---- | C] () -- C:\Programme\NOV2007_XACT_x86.cab [2010.06.02 06:22:50 | 000,046,144 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x64.cab [2010.06.02 06:22:50 | 000,018,496 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x86.cab [2010.06.02 06:22:48 | 001,802,058 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x64.cab [2010.06.02 06:22:48 | 001,709,360 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x86.cab [2010.06.02 06:22:48 | 000,864,600 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x64.cab [2010.06.02 06:22:48 | 000,803,884 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x86.cab [2010.06.02 06:22:48 | 000,273,018 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x86.cab [2010.06.02 06:22:46 | 000,275,044 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x64.cab [2010.06.02 06:22:46 | 000,121,506 | ---- | C] () -- C:\Programme\Mar2009_XACT_x64.cab [2010.06.02 06:22:46 | 000,092,740 | ---- | C] () -- C:\Programme\Mar2009_XACT_x86.cab [2010.06.02 06:22:38 | 000,054,600 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x64.cab [2010.06.02 06:22:38 | 000,021,298 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x86.cab [2010.06.02 06:22:36 | 001,973,702 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x64.cab [2010.06.02 06:22:36 | 001,612,446 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x86.cab [2010.06.02 06:22:36 | 001,067,160 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x64.cab [2010.06.02 06:22:36 | 001,040,745 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x86.cab [2010.06.02 06:22:36 | 000,251,194 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x64.cab [2010.06.02 06:22:36 | 000,226,250 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x86.cab [2010.06.02 06:22:36 | 000,122,336 | ---- | C] () -- C:\Programme\Mar2008_XACT_x64.cab [2010.06.02 06:22:36 | 000,093,734 | ---- | C] () -- C:\Programme\Mar2008_XACT_x86.cab [2010.06.02 06:22:34 | 001,769,862 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x64.cab [2010.06.02 06:22:34 | 001,443,282 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x86.cab [2010.06.02 06:22:34 | 000,818,260 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x86.cab [2010.06.02 06:22:34 | 000,055,058 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x64.cab [2010.06.02 06:22:34 | 000,021,867 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x86.cab [2010.06.02 06:22:32 | 000,937,246 | ---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x64.cab [2010.06.02 06:22:32 | 000,844,884 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x64.cab [2010.06.02 06:22:32 | 000,768,036 | ---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x86.cab [2010.06.02 06:22:32 | 000,278,060 | ---- | C] () -- C:\Programme\Jun2010_XAudio_x86.cab [2010.06.02 06:22:32 | 000,277,338 | ---- | C] () -- C:\Programme\Jun2010_XAudio_x64.cab [2010.06.02 06:22:32 | 000,124,596 | ---- | C] () -- C:\Programme\Jun2010_XACT_x64.cab [2010.06.02 06:22:32 | 000,093,686 | ---- | C] () -- C:\Programme\Jun2010_XACT_x86.cab [2010.06.02 06:22:30 | 000,762,188 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x86.cab [2010.06.02 06:22:30 | 000,235,955 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x64.cab [2010.06.02 06:22:30 | 000,197,283 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x86.cab [2010.06.02 06:22:30 | 000,138,205 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x64.cab [2010.06.02 06:22:30 | 000,109,445 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x86.cab [2010.06.02 06:22:28 | 000,944,460 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x64.cab [2010.06.02 06:22:28 | 000,931,471 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x86.cab [2010.06.02 06:22:28 | 000,752,783 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x64.cab [2010.06.02 06:22:20 | 000,269,024 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x86.cab [2010.06.02 06:22:18 | 001,792,608 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x64.cab [2010.06.02 06:22:18 | 001,463,878 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x86.cab [2010.06.02 06:22:18 | 000,867,828 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x64.cab [2010.06.02 06:22:18 | 000,849,919 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x86.cab [2010.06.02 06:22:18 | 000,269,628 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x64.cab [2010.06.02 06:22:18 | 000,152,909 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab [2010.06.02 06:22:18 | 000,121,054 | ---- | C] () -- C:\Programme\JUN2008_XACT_x64.cab [2010.06.02 06:22:18 | 000,093,128 | ---- | C] () -- C:\Programme\JUN2008_XACT_x86.cab [2010.06.02 06:22:18 | 000,055,154 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x64.cab [2010.06.02 06:22:18 | 000,021,905 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x86.cab [2010.06.02 06:22:16 | 001,607,774 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab [2010.06.02 06:22:16 | 001,607,286 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab [2010.06.02 06:22:16 | 001,064,925 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab [2010.06.02 06:22:16 | 000,699,044 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab [2010.06.02 06:22:16 | 000,698,472 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab [2010.06.02 06:22:16 | 000,197,122 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab [2010.06.02 06:22:16 | 000,180,785 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab [2010.06.02 06:22:16 | 000,133,671 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab [2010.06.02 06:22:14 | 001,336,002 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab [2010.06.02 06:22:14 | 000,277,191 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x86.cab [2010.06.02 06:22:14 | 000,276,960 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x64.cab [2010.06.02 06:22:14 | 000,122,446 | ---- | C] () -- C:\Programme\Feb2010_XACT_x64.cab [2010.06.02 06:22:14 | 000,093,180 | ---- | C] () -- C:\Programme\Feb2010_XACT_x86.cab [2010.06.02 06:22:12 | 000,194,675 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab [2010.06.02 06:22:12 | 000,147,983 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab [2010.06.02 06:22:12 | 000,054,678 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x64.cab [2010.06.02 06:22:12 | 000,020,713 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x86.cab [2010.06.02 06:22:10 | 000,178,359 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab [2010.06.02 06:22:10 | 000,132,409 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab [2010.06.02 06:22:04 | 001,084,720 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab [2010.06.02 06:22:02 | 001,801,048 | ---- | C] () -- C:\Programme\dsetup32.dll [2010.06.02 06:22:02 | 001,574,376 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab [2010.06.02 06:22:02 | 001,362,796 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab [2010.06.02 06:22:02 | 001,247,499 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab [2010.06.02 06:22:02 | 001,013,225 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab [2010.06.02 06:22:02 | 000,537,432 | ---- | C] () -- C:\Programme\DXSETUP.exe [2010.06.02 06:22:02 | 000,192,475 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab [2010.06.02 06:22:02 | 000,145,599 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab [2010.06.02 06:22:02 | 000,094,011 | ---- | C] () -- C:\Programme\dxupdate.cab [2010.06.02 06:22:02 | 000,042,410 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab [2010.06.02 06:22:00 | 001,571,154 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab [2010.06.02 06:22:00 | 001,357,976 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab [2010.06.02 06:22:00 | 001,079,456 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab [2010.06.02 06:22:00 | 000,273,264 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x64.cab [2010.06.02 06:22:00 | 000,272,642 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x86.cab [2010.06.02 06:22:00 | 000,212,807 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab [2010.06.02 06:22:00 | 000,191,720 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab [2010.06.02 06:22:00 | 000,122,408 | ---- | C] () -- C:\Programme\Aug2009_XACT_x64.cab [2010.06.02 06:22:00 | 000,093,106 | ---- | C] () -- C:\Programme\Aug2009_XACT_x86.cab [2010.06.02 06:21:58 | 000,930,116 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x64.cab [2010.06.02 06:21:58 | 000,728,456 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x86.cab [2010.06.02 06:21:58 | 000,232,635 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x64.cab [2010.06.02 06:21:58 | 000,192,131 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x86.cab [2010.06.02 06:21:58 | 000,136,301 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x64.cab [2010.06.02 06:21:58 | 000,105,044 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x86.cab [2010.06.02 06:21:56 | 003,319,740 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x86.cab [2010.06.02 06:21:56 | 003,112,111 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x64.cab [2010.06.02 06:21:56 | 000,900,598 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x86.cab [2010.06.02 06:21:46 | 000,919,044 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x64.cab [2010.06.02 06:21:46 | 000,271,412 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x64.cab [2010.06.02 06:21:46 | 000,271,038 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x86.cab [2010.06.02 06:21:44 | 001,794,084 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x64.cab [2010.06.02 06:21:44 | 001,464,672 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x86.cab [2010.06.02 06:21:44 | 000,849,167 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x86.cab [2010.06.02 06:21:44 | 000,198,096 | ---- | C] () -- C:\Programme\AUG2007_XACT_x64.cab [2010.06.02 06:21:44 | 000,153,012 | ---- | C] () -- C:\Programme\AUG2007_XACT_x86.cab [2010.06.02 06:21:44 | 000,121,772 | ---- | C] () -- C:\Programme\Aug2008_XACT_x64.cab [2010.06.02 06:21:44 | 000,092,996 | ---- | C] () -- C:\Programme\Aug2008_XACT_x86.cab [2010.06.02 06:21:42 | 001,800,160 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x64.cab [2010.06.02 06:21:42 | 001,708,152 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x86.cab [2010.06.02 06:21:42 | 000,867,612 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x64.cab [2010.06.02 06:21:42 | 000,852,286 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x64.cab [2010.06.02 06:21:42 | 000,796,867 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x86.cab [2010.06.02 06:21:40 | 001,350,542 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab [2010.06.02 06:21:40 | 001,077,644 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab [2010.06.02 06:21:40 | 000,182,903 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab [2010.06.02 06:21:40 | 000,137,235 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab [2010.06.02 06:21:40 | 000,087,142 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab [2010.06.02 06:21:40 | 000,053,302 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab [2010.06.02 06:21:40 | 000,046,058 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab [2010.06.02 06:21:38 | 001,606,039 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab [2010.06.02 06:21:38 | 000,195,766 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab [2010.06.02 06:21:38 | 000,151,225 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab [2010.06.02 06:21:38 | 000,096,817 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab [2010.06.02 06:21:36 | 001,607,358 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab [2010.06.02 06:21:36 | 000,698,612 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab [2010.06.02 06:21:36 | 000,695,865 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab [2010.06.02 06:21:34 | 000,046,010 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab [2010.06.02 06:21:20 | 000,087,101 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab [2010.06.02 06:21:18 | 004,162,630 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab [2010.06.02 06:21:18 | 000,916,430 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab [2010.06.02 06:21:18 | 000,179,133 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab [2010.06.02 06:21:18 | 000,133,103 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab [2010.06.02 06:21:16 | 001,397,830 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab [2010.06.02 06:21:16 | 001,347,354 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab [2010.06.02 06:21:16 | 001,115,221 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab [2010.06.02 06:21:16 | 001,078,962 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab [2010.03.06 22:18:40 | 000,138,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.03.06 22:18:33 | 000,215,128 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010.03.06 22:18:26 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010.01.12 13:03:34 | 002,283,526 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2009.08.17 08:08:17 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009.07.30 12:17:02 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009.07.30 12:17:00 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009.07.28 00:25:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009.07.28 00:25:24 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2009.06.25 07:42:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL [2009.06.25 07:42:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL [2009.06.25 07:42:30 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\LXPMONRC.DLL [2009.06.25 07:38:15 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\lxcginsr.dll [2009.06.25 07:38:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcgvs.dll [2009.06.25 07:38:14 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\lxcgusb1.dll [2009.06.25 07:38:14 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\lxcgcoms.exe [2009.06.25 07:38:14 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\lxcglmpm.dll [2009.06.25 07:38:14 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\lxcgcomm.dll [2009.06.25 07:38:14 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\lxcgih.exe [2009.06.25 07:38:14 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lxcgpplc.dll [2009.06.25 07:38:13 | 001,191,936 | ---- | C] () -- C:\WINDOWS\System32\lxcgserv.dll [2009.06.25 07:38:13 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\lxcgcomc.dll [2009.06.25 07:38:13 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\lxcgprox.dll [2009.06.25 07:38:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxcgcur.dll [2009.06.25 07:38:10 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\lxcgjswr.dll [2009.05.25 19:03:23 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009.05.09 13:52:59 | 000,000,149 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009.02.21 21:01:27 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll [2008.12.05 04:42:44 | 000,204,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.12.02 05:51:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008.11.21 11:09:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2008.11.19 16:36:01 | 000,000,402 | ---- | C] () -- C:\WINDOWS\System32\Oeminfo.ini [2008.11.19 16:28:10 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2008.11.19 16:19:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008.11.19 16:15:35 | 000,023,604 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008.11.19 15:56:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.11.19 15:55:43 | 000,294,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008.04.14 14:00:00 | 000,494,590 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2008.04.14 14:00:00 | 000,471,290 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2008.04.14 14:00:00 | 000,098,254 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2008.04.14 14:00:00 | 000,082,604 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2008.04.14 08:06:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007.04.20 15:32:00 | 001,018,748 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin [2007.04.20 15:32:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006.02.28 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006.02.28 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006.02.28 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006.02.28 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2006.02.28 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006.02.28 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006.02.28 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2006.02.28 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006.02.28 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat ========== Files - Unicode (All) ========== [2010.03.22 18:20:41 | 000,089,656 | ---- | M] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3 3.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3 3.wav [2010.03.22 18:20:41 | 000,089,656 | ---- | C] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3 3.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3 3.wav [2010.03.22 18:18:23 | 000,124,856 | ---- | M] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3 2.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3 2.wav [2010.03.22 18:18:23 | 000,124,856 | ---- | C] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3 2.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3 2.wav [2010.03.22 18:11:48 | 000,217,656 | ---- | M] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3.wav [2010.03.22 18:11:48 | 000,217,656 | ---- | C] ()(C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\?s??????? ? ???? ? ¢a? ƒl?...«3.wav) -- C:\Dokumente und Einstellungen\Christian Philip\Eigene Dateien\ѕσмєтιмєѕ ι ωιѕн ι ¢αη ƒℓу...«3.wav ========== Alternate Data Streams ========== @Alternate Data Stream - 500 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF < End of report > OTL Extras Logs:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.04.2011 06:43:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\Christian Philip\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free
4,00 Gb Paging File | 1,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298,09 Gb Total Space | 16,35 Gb Free Space | 5,48% Space Free | Partition Type: NTFS
Drive D: | 1,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 188,23 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: XONEBO | User Name: Christian Philip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57480:TCP" = 57480:TCP:*:Enabled:Pando Media Booster
"57480:UDP" = 57480:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57480:TCP" = 57480:TCP:*:Enabled:Pando Media Booster
"57480:UDP" = 57480:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\ICQ7.4\ICQ.exe" = C:\Programme\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = C:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Programme\BearShare Applications\BearShare\BearShare.exe" = C:\Programme\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- (MusicLab, LLC)
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Programme\Life for Speed\LFS.exe" = C:\Programme\Life for Speed\LFS.exe:*:Enabled:LFS -- ()
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary
"C:\Programme\Zattoo\zattood.exe" = C:\Programme\Zattoo\zattood.exe:*:Enabled:zattood -- ()
"C:\Programme\Zattoo\Zattoo2.exe" = C:\Programme\Zattoo\Zattoo2.exe:*:Enabled: -- ()
"C:\Programme\DNA\btdna.exe" = C:\Programme\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\lxcgcoms.exe" = C:\WINDOWS\system32\lxcgcoms.exe:*:Enabled:2300 Series -- ()
"C:\Programme\Playlogic\World Racing 2\MP Lounge 2.exe" = C:\Programme\Playlogic\World Racing 2\MP Lounge 2.exe:*:Enabled:MP Lounge 2
"C:\Programme\Playlogic\World Racing 2\WR2_PC.exe" = C:\Programme\Playlogic\World Racing 2\WR2_PC.exe:*:Enabled:WR2_PC Application
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\Christian Philip\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\Christian Philip\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer -- (TeamViewer GmbH)
"C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\Rar$EX01.750\racer086\racer.exe" = C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\Rar$EX01.750\racer086\racer.exe:*:Enabled:racer
"C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\Rar$EX01.328\racer086\racer.exe" = C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\Rar$EX01.328\racer086\racer.exe:*:Enabled:racer
"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Valve\Steam\SteamApps\x0n3\source dedicated server\srcds.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\source dedicated server\srcds.exe:*:Enabled:srcds -- ()
"C:\Programme\Valve\Steam\SteamApps\x0n3\half-life 2\hl2.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\half-life 2\hl2.exe:*:Enabled:hl2 -- ()
"C:\Programme\Valve\Steam\SteamApps\x0n3\source sdk base\hl2.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\source sdk base\hl2.exe:*:Enabled:hl2 -- ()
"C:\Programme\SecondLife\SLVoice.exe" = C:\Programme\SecondLife\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Programme\SecondLife\SecondLife.exe" = C:\Programme\SecondLife\SecondLife.exe:*:Enabled:Second Life -- (Linden Lab)
"C:\Programme\AVG\AVG9\avgupd.exe" = C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgnsx.exe" = C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\SecondLifeViewer2\SLVoice.exe" = C:\Programme\SecondLifeViewer2\SLVoice.exe:*:Enabled:SLVoice
"C:\Programme\Valve\Steam\steam.exe" = C:\Programme\Valve\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Programme\Emerald Viewer\SLVoice.exe" = C:\Programme\Emerald Viewer\SLVoice.exe:*:Enabled:SLVoice
"C:\Programme\Emerald Viewer\Emerald.exe" = C:\Programme\Emerald Viewer\Emerald.exe:*:Enabled:Emerald Viewer
"C:\Programme\Valve\Steam\SteamApps\x0n3\synergy\hl2.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\synergy\hl2.exe:*:Enabled:Synergy
"C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp289\mdm.exe" = C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp289\mdm.exe:*:Enabled:UpdateWizzard
"C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp290\mdm.exe" = C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp290\mdm.exe:*:Enabled:UpdateWizzard
"C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp291\mdm.exe" = C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp291\mdm.exe:*:Enabled:UpdateWizzard
"C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp292\mdm.exe" = C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp292\mdm.exe:*:Enabled:UpdateWizzard
"C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp293\mdm.exe" = C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\~temp\mlp293\mdm.exe:*:Enabled:UpdateWizzard
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\Phoenix Viewer\SLVoice.exe" = C:\Programme\Phoenix Viewer\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\~temp\mlp319\mdm.exe" = C:\Dokumente und Einstellungen\Christian Philip\Lokale Einstellungen\Temp\~temp\mlp319\mdm.exe:*:Disabled:mdm
"C:\Programme\Valve\Steam\SteamApps\x0n3\counter-strike\hl.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"C:\Programme\rFactor\rfactor.exe" = C:\Programme\rFactor\rfactor.exe:*:Enabled:rFactor
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Rigs of Rods 0.37.126\servergui.exe" = C:\Programme\Rigs of Rods 0.37.126\servergui.exe:*:Enabled:servergui
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Valve\Steam\SteamApps\x0n3\synergy dedicated server\srcds.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\synergy dedicated server\srcds.exe:*:Enabled:Synergy Dedicated Server -- ()
"C:\Programme\Valve\Steam\SteamApps\x0n3\counter-strike source\hl2.exe" = C:\Programme\Valve\Steam\SteamApps\x0n3\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Programme\ICQ7.4\ICQ.exe" = C:\Programme\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"C:\Programme\AIM\aim.exe" = C:\Programme\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{13AA6556-BA96-4468-A8B4-1AD4A75AD5A0}" = Logitech Gaming Software
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.5.0.1
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5AD05333-600A-4CD8-88C6-BF22A3BE9767}_is1" = Multi-ICQ 1.3
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5ED9E38C-9A96-49D8-89B3-92E278003FCF}" = PTP
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E012857-0B5E-40A0-A36A-36751966A79B}_is1" = ICQ Status Checker 1.7
"{A0EACEC2-E2AE-4811-A01D-5321587E0643}_is1" = MPEG Video Wizard 4.0.4.112 (12/2008)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B56B1487-9A26-4AFD-A1FD-949C40F5F2BC}" = Sony Ericsson PC Suite
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin'
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"AudioCon" = AudioCon
"AVG9Uninstall" = AVG Free 9.0
"Avidemux 2.5" = Avidemux 2.5
"AVS Image Converter_is1" = AVS Image Converter 1.3.2.141
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"BearShare" = BearShare
"BitTorrent" = BitTorrent
"BittorrentBar_DE Toolbar" = BittorrentBar_DE Toolbar
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dailymotion Video Downloader_is1" = Dailymotion Video Downloader 3.26
"DDS Converter 2.1" = DDS Converter 2.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eMule" = eMule
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free YouTube Download_is1" = Free YouTube Download version 2.10.33.324
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"GameSpy Arcade" = GameSpy Arcade
"German Truck Simulator" = German Truck Simulator 1.00
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"JDownloader" = JDownloader
"Lexmark 2300 Series" = Lexmark 2300 Series
"Lexmark Fax Solutions" = Lexmark Fax-Lösungen
"LFS Database Hi-Res Pack" = LFS Database Hi-Res Pack 1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mousotron_is1" = Mousotron 5.0
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"Mpeg Video Wizard" = MPEG Video Wizard 4.0.4.111 (12/2008)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OJOsoft Total Video Converter2.0.0.0430" = OJOsoft Total Video Converter
"OpenAL" = OpenAL
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Identity Protect" = Panda Identity Protect 3.0.45
"panda2_0dn" = Panda Security Toolbar URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"PandoraRecovery" = PandoraRecovery (Remove Only)
"PROHYBRIDR" = 2007 Microsoft Office system
"Rigs of Rods" = Rigs of Rods 0.38.14
"SecondLife" = SecondLife (remove only)
"Security Task Manager" = Security Task Manager 1.8c
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 10" = Counter-Strike
"Steam App 17520" = Synergy
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Twinity" = Twinity
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Xfire" = Xfire (remove only)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"drv online ping" = CiD Help
"Move Media Player" = Move Media Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.09.2010 14:03:24 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
Error - 03.09.2010 14:03:55 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
Error - 03.09.2010 14:03:56 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 03.09.2010 14:03:57 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 03.09.2010 14:04:00 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 03.09.2010 14:04:00 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 03.09.2010 14:04:01 | Computer Name = XONEBO | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
Error - 06.09.2010 08:01:57 | Computer Name = XONEBO | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4028.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 06.09.2010 08:23:30 | Computer Name = XONEBO | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4028.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.09.2010 06:14:50 | Computer Name = XONEBO | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung wmplayer.exe, Version 11.0.5721.5145, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ OSession Events ]
Error - 25.06.2009 20:19:04 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.06.2009 20:19:17 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.06.2009 20:19:26 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.06.2009 20:19:31 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 25.06.2009 20:19:40 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.06.2009 17:43:32 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.07.2009 07:27:08 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.07.2009 07:27:13 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 28.07.2009 07:27:18 | Computer Name = XONEBO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 03.09.2010 14:02:22 | Computer Name = XONEBO | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 192.168.100.10 über die
Netzwerkkarte mit der Netzwerkadresse 001E9047E868 ist verloren gegangen.
Error - 03.09.2010 14:02:22 | Computer Name = XONEBO | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
(0x80072751)
Error - 03.09.2010 14:02:22 | Computer Name = XONEBO | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 03.09.2010 14:02:26 | Computer Name = XONEBO | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
(0x80072751)
Error - 03.09.2010 14:02:26 | Computer Name = XONEBO | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 03.09.2010 14:24:26 | Computer Name = XONEBO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Panda Cloud Antivirus Service" wurde nicht ordnungsgemäß
gestartet.
Error - 16.09.2010 11:06:27 | Computer Name = XONEBO | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 88.153.133.90 über die
Netzwerkkarte mit der Netzwerkadresse 001E9047E868 ist verloren gegangen.
Error - 17.09.2010 05:37:34 | Computer Name = XONEBO | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 88.153.133.90 über die
Netzwerkkarte mit der Netzwerkadresse 001E9047E868 ist verloren gegangen.
Error - 17.09.2010 08:03:20 | Computer Name = XONEBO | Source = Dhcp | ID = 1000
Description = Die Lease dieses Computers zu der IP-Adresse 88.153.133.90 über die
Netzwerkkarte mit der Netzwerkadresse 001E9047E868 ist verloren gegangen.
Error - 18.09.2010 15:35:25 | Computer Name = XONEBO | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Panda Cloud Antivirus Service" wurde nicht ordnungsgemäß
gestartet.
< End of report >
|
|
15.04.2011, 10:18
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wie probleme mit FireFox 4, IE8 & Skype Log von MBAM ist unvollständig. Die Infos über Programm und Signaturversionen von Malwarebytes fehlen. Außerdem: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.04.2011, 11:22
| #6 |
| | Wo probleme mit FireFox 4, IE8 & Skype Lösung! also ich hab die ganze MBAM log kopiert und hier im forum eingefügt. ich habe mir nach dem scannen die logfile als textdatei auf den deskopt speichern lassen. keine ahnung wieso es unvollständig is?? aber nachdem ich alle funde gelöscht habe friert mein firefox nicht mehr ein. mein firefox is meist nach ca. 10 minuten eingefrohren, jetzt hab ich mein firefox ca. 40 minuten offen ohne das er mir eingefrohren ist. skype stürzt auch nicht mehr ab und fehlermeldungen bekomme ich beim PC hochfahren auch nicht mehr. vielen dank für eure hilfe, ohne euch wäre ich verzweifelt. Geändert von Bochum (15.04.2011 um 12:03 Uhr) |
|
15.04.2011, 12:30
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | probleme mit FireFox 4, IE8 & Skype Häng das Logfile hier einfach mal an. Vergleiche auch mal dein Posting mit dem Log auf deinem Rechner. So eine Angabe vermisse ich in deinem Posting: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.04.2011, 13:30
| #8 |
| | probleme mit FireFox 4, IE8 & Skype mein fehler: da hab ich beim kopieren nicht aufgepasst  Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6360 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 15.04.2011 06:30:28 mbam-log-2011-04-15 (06-30-07).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 492799 Laufzeit: 6 Stunde(n), 48 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 8 Infizierte Registrierungswerte: 10 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 1 Infizierte Dateien: 9 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CLASSES_ROOT\linkrdr.AIEbho.1 (Trojan.Banker) -> No action taken. HKEY_CLASSES_ROOT\linkrdr.AIEbho (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C689C99E-3A8C-4C87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\prh (Trojan.Banker) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\tst (Trojan.Banker) -> No action taken. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{F5E6C6DA-E1E0-2B9F-7CBB-E069673FBC3E} (Trojan.ZbotR.Gen) -> Value: {F5E6C6DA-E1E0-2B9F-7CBB-E069673FBC3E} -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\CmSTP (Trojan.Agent) -> Value: CmSTP -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\DllHst (Trojan.Downloader) -> Value: DllHst -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\SessMgr (Trojan.Agent) -> Value: SessMgr -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ComRepl (Trojan.Agent) -> Value: ComRepl -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\MstInit (Trojan.Agent) -> Value: MstInit -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Esent Utl (Trojan.Agent) -> Value: Esent Utl -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Spool (Trojan.Agent) -> Value: Spool -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\IEudinit (Trojan.Agent) -> Value: IEudinit -> No action taken. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Cisvc (Trojan.Rodecap) -> Value: Cisvc -> No action taken. Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (c:\windows\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,) Good: (userinit.exe) -> No action taken. Infizierte Verzeichnisse: c:\WINDOWS\system32\xmldm (Stolen.Data) -> No action taken. Infizierte Dateien: c:\WINDOWS\system32\acroiehelpe.dll (Trojan.Banker) -> No action taken. c:\WINDOWS\system32\srvblck2.tmp (Malware.Trace) -> No action taken. c:\WINDOWS\system32\acroiehelpe.txt (Malware.Trace) -> No action taken. c:\dokumente und einstellungen\christian philip\lokale einstellungen\Temp\0.4203577971872148.exe (Trojan.Dropper) -> No action taken. c:\WINDOWS\system\spoolsv.exe (Trojan.Agent) -> No action taken. c:\WINDOWS\system32\xmldm\iexplore.exe_uas001.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\iexplore.exe_uas002.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\_UAs001.dat (Stolen.Data) -> No action taken. c:\WINDOWS\system32\xmldm\_UAs002.dat (Stolen.Data) -> No action taken. |
|
15.04.2011, 13:42
| #9 | |
| /// Mr. Schatten | probleme mit FireFox 4, IE8 & SkypeZitat:
__________________ alle Tipps + Hilfen aller Helfer sind ohne Gewähr + Haftung keine Hilfe via PN hier ist ein Forum, jeder kann profitieren/kontrollieren - niemand ist fehlerfrei tendenzielle Beachtung der Rechtschreibregeln erhöht die Wahrscheinlichkeit einer Antwort - |
|
15.04.2011, 13:57
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | probleme mit FireFox 4, IE8 & Skype [gelöst] Danke shadow  @Bochum: Bitte Malwarebytes nochmal updaten. Wiederhole den Vollscan und entferne diesmal am Ende auch alle Funde!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu probleme mit FireFox 4, IE8 & Skype |
| anhang, einfriert, ellung, fehlermeldung, firefox, friert, funktionier, funktioniert, heute, leute, minimiert, neustart, nicht mehr, pc neustart, plötzlich, problem, probleme, runterfährt, screenshot, skype, systemwiederherstellung |
Linear-Darstellung
