| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "Festplatte beschädigt" - TR/Crypt.XPACK.GEN3Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.06.2011, 17:49
| #1 |
 |  "Festplatte beschädigt" - TR/Crypt.XPACK.GEN3 Hallo! Da hat mich ja was übles erwischt, einer dieser komischen XPACK-Trojaner, die - wie ich schon gesehen habe - gerade recht häufig auftreten? Wo kommt dieser Mist denn bloß her? Bei mir kam aus dem Nichts die Viren-Meldung durch Avira. Desktop wurde schwarz, alle Dateien und Programmordner "weg"! Dafür dieses blöde Rescue-Ding. Nun habe ich in anderen Beiträgen bereits gelesen, dass ein Vollscan durch Malwarebytes gemacht werden soll, anschließend OTL, Kaspersky, etc. Soll ich dies hier Schritt für Schritt durchführen? Benutze gerade mein Notebook und würde damit erstmal diese Programme runterladen. Funktioniert die Ausführung auf dem betroffenen Rechner denn so einfach? Habe Angst, dass dabei wirklich was flöten geht. Mag mir jemand dabei zur Hand gehen?! Vielen Dank für eure Hilfe und die Anleitung dazu! Habe ja die Hoffnung, dass das dank euch wieder funktionieren wird. ;-) Malwarebytes läuft gerade... So, nach gefühlten Ewigkeiten nun die Log-Datei 1. vor und 2. nach dem Löschen der Schädlinge durch Malwarebytes. Bisheriges Ergebnis nach dem Neustart: Fehlermeldungen bleiben aus, Desktopsymbole aber weiterhin nicht sichtbar, Programme und Ordner nicht abrufbar. Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6928
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
23.06.2011 21:45:50
mbam-log-2011-06-23 (21-45-05).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 369347
Laufzeit: 1 Stunde(n), 29 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
c:\programdata\wxoeawgltnnf.exe (Trojan.FraudPack.PF) -> 532 -> No action taken.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wXOeAwgLTnnf (Trojan.FraudPack.PF) -> Value: wXOeAwgLTnnf -> No action taken.
Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\programdata\wxoeawgltnnf.exe (Trojan.FraudPack.PF) -> No action taken.
c:\program files\clearprog\eBay\ebayshortcuts.exe (Adware.ADON) -> No action taken.
c:\programdata\31842040.exe (Trojan.FraudPack.PF) -> No action taken.
Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6928
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
23.06.2011 21:45:56
mbam-log-2011-06-23 (21-45-56).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 369347
Laufzeit: 1 Stunde(n), 29 Minute(n), 5 Sekunde(n)
Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
c:\programdata\wxoeawgltnnf.exe (Trojan.FraudPack.PF) -> 532 -> Unloaded process successfully.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wXOeAwgLTnnf (Trojan.FraudPack.PF) -> Value: wXOeAwgLTnnf -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\programdata\wxoeawgltnnf.exe (Trojan.FraudPack.PF) -> Quarantined and deleted successfully.
c:\program files\clearprog\eBay\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\programdata\31842040.exe (Trojan.FraudPack.PF) -> Quarantined and deleted successfully.
 Wie muss ich weiter vorgehen? Code:
ATTFilter OTL logfile created on: 24.06.2011 09:15:05 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\*****\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,49 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 69,20% Memory free 7,16 Gb Paging File | 6,21 Gb Available in Paging File | 86,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 292,16 Gb Total Space | 161,49 Gb Free Space | 55,27% Space Free | Partition Type: NTFS Drive D: | 5,93 Gb Total Space | 0,88 Gb Free Space | 14,84% Space Free | Partition Type: NTFS Drive J: | 120,23 Mb Total Space | 110,67 Mb Free Space | 92,05% Space Free | Partition Type: FAT Computer Name: *****-PC | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe () ========== Modules (SafeList) ========== MOD - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation) SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation) SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation) SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation) SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe () SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe () SRV - (IntelDHSvcConf) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe (Intel(R) Corporation) ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (cpuz135) -- C:\Windows\System32\drivers\cpuz135_x32.sys (CPUID) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys () DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH) DRV - (pfc) -- C:\Windows\System32\drivers\pfc.sys (Padus, Inc.) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (HCWU2DTD) -- C:\Windows\System32\drivers\hcwu2dtd.sys (Hauppauge Computer Works) DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company) DRV - (HCWU2DTL) -- C:\Windows\System32\drivers\hcwu2dtl.sys (Hauppauge Computer Works) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 A8 69 2B 2C 24 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de) " FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.tagesschau.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0 FF - prefs.js..extensions.enabledItems: googlesharing@extension.thoughtcrime.org:0.21 FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.03 07:18:06 | 000,000,000 | -H-D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.18 12:23:09 | 000,000,000 | -H-D | M] [2010.11.10 16:26:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2011.06.01 21:17:49 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions [2011.02.15 13:42:51 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}-trash [2011.06.01 21:17:48 | 000,000,000 | -H-D | M] (German Dictionary) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.06.01 21:17:49 | 000,000,000 | -H-D | M] (British English Dictionary) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\en-GB@dictionaries.addons.mozilla.org [2011.04.05 07:28:12 | 000,000,000 | -H-D | M] (GoogleSharing) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\googlesharing@extension.thoughtcrime.org [2011.04.05 07:28:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\googlesharing@extension.thoughtcrime.org\chrome [2011.04.05 07:28:12 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\googlesharing@extension.thoughtcrime.org\components [2011.04.05 07:28:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\azp24t3h.default\extensions\googlesharing@extension.thoughtcrime.org\defaults [2010.11.10 17:28:16 | 000,001,094 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\abkuerzungende.xml [2010.11.10 17:28:46 | 000,001,211 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\amazonde-.xml [2010.11.10 17:31:05 | 000,001,788 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\ardapedia.xml [2010.11.10 17:28:58 | 000,001,887 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\bookbutler.xml [2010.11.10 17:31:46 | 000,001,167 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\club300-fotos-d.xml [2010.11.10 17:32:08 | 000,001,169 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\club300-fotos-wp.xml [2010.11.10 17:29:49 | 000,001,036 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\dictcc-de---en.xml [2010.11.10 17:30:10 | 000,000,451 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\filmstartsde.xml [2010.11.10 17:29:11 | 000,000,924 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\jokersde.xml [2010.11.10 17:30:34 | 000,001,490 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\lastfm.xml [2010.11.10 17:30:47 | 000,001,603 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\lautde.xml [2010.11.10 17:29:33 | 000,001,884 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\leo-de---en.xml [2011.01.28 19:49:47 | 000,001,707 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\naturguckerde.xml [2010.11.10 17:27:05 | 000,001,162 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\wikipedia-de-.xml [2010.11.10 17:27:18 | 000,001,151 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\wikipedia-en.xml [2010.11.10 17:27:54 | 000,001,156 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\wiktionary.xml [2010.11.10 17:26:30 | 000,000,723 | -H-- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\azp24t3h.default\searchplugins\wissende.xml [2011.05.03 07:18:06 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011.02.15 15:56:40 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AZP24T3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.04.14 18:40:03 | 000,142,296 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.06.01 11:03:51 | 000,435,945 | RH-- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 15001 more lines... O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {147D6308-0614-4112-89B1-31402F9B82C4} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2cf1e437-7876-11df-bbfb-001a92eb8022}\Shell - "" = AutoRun O33 - MountPoints2\{2cf1e437-7876-11df-bbfb-001a92eb8022}\Shell\AutoRun\command - "" = J:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{8842034a-1f22-11dc-8034-001a92eb8022}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Recycled\ctfmon.exe O33 - MountPoints2\{8842034a-1f22-11dc-8034-001a92eb8022}\Shell\Open(&0)\command - "" = J:\Recycled\ctfmon.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.24 09:14:40 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2011.06.23 19:28:14 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2011.06.23 19:28:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.23 19:27:59 | 000,039,984 | -H-- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.06.23 19:27:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2011.06.23 19:27:50 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.06.23 19:26:13 | 009,435,312 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\*****\Desktop\mbam-setup-1.51.0.1200.exe [2011.06.23 13:39:01 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair [2011.06.20 17:49:04 | 000,000,000 | -H-D | C] -- C:\Users\*****\Desktop\Klausuren_PhyGeo_WiGeo [2011.06.18 12:22:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.06.15 18:54:27 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.06.15 18:54:25 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.06.15 18:54:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.06.15 18:54:25 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.06.04 14:43:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Corel [2011.06.04 14:43:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CorelDRAW Home & Student Suite X5 [2011.06.04 08:30:45 | 000,000,000 | -H-D | C] -- C:\Users\*****\Documents\Meine Paletten [2011.06.04 08:30:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Protexis [2011.06.02 11:53:25 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\vlc [2011.06.02 11:36:13 | 000,053,248 | -H-- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2011.06.02 11:27:00 | 000,000,000 | -H-D | C] -- C:\Program Files\SystemRequirementsLab [2011.06.02 11:20:54 | 000,022,504 | -H-- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys [2011.06.02 11:20:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPU-Z [2011.06.02 11:20:53 | 000,000,000 | -H-D | C] -- C:\Program Files\CPU-Z [2011.06.01 23:00:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.06.01 22:59:48 | 000,000,000 | -H-D | C] -- C:\Program Files\VLC [2011.06.01 21:30:21 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Local\Opera [2011.06.01 21:29:55 | 000,000,000 | RH-D | C] -- C:\Users\*****\Downloads [2011.06.01 12:34:43 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.06.01 12:34:43 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.06.01 12:34:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.06.01 12:34:43 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.06.01 12:34:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.06.01 12:34:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.06.01 12:34:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.06.01 12:34:42 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.06.01 12:34:42 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.06.01 12:34:42 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.06.01 12:34:42 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.06.01 12:34:42 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.06.01 12:34:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.06.01 12:34:42 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.06.01 12:34:42 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.06.01 12:34:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.06.01 12:34:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.06.01 12:34:41 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.06.01 12:34:41 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.06.01 12:34:41 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.06.01 12:34:41 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.06.01 12:34:41 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.06.01 12:34:41 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.06.01 12:34:41 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.06.01 12:34:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.06.01 12:34:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.06.01 12:34:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.06.01 12:34:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.06.01 12:34:40 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.06.01 12:34:40 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.06.01 12:34:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.06.01 12:34:40 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.06.01 12:34:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.06.01 12:34:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.06.01 12:34:40 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.06.01 10:57:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011.05.31 07:41:12 | 000,000,000 | -H-D | C] -- C:\Program Files\MSECache [2011.05.27 22:59:13 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\Nokia Ovi Suite [2011.05.27 22:12:36 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2011.05.27 22:12:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2011.05.27 22:12:33 | 000,000,000 | -H-D | C] -- C:\Users\*****\AppData\Roaming\Notepad++ [2011.05.27 22:12:33 | 000,000,000 | -H-D | C] -- C:\Program Files\Notepad++ [2011.05.27 21:51:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\NokiaAccount [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.24 09:13:31 | 000,001,098 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.24 09:13:01 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.24 09:13:01 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.24 09:12:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.24 09:08:22 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2011.06.23 21:46:00 | 000,001,102 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.23 19:29:17 | 000,638,510 | -H-- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.23 19:29:17 | 000,604,126 | -H-- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.23 19:29:17 | 000,130,462 | -H-- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.23 19:29:17 | 000,107,562 | -H-- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.23 19:25:21 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~31842040 [2011.06.23 19:25:21 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~31842040r [2011.06.23 19:20:34 | 009,435,312 | -H-- | M] (Malwarebytes Corporation ) -- C:\Users\*****\Desktop\mbam-setup-1.51.0.1200.exe [2011.06.23 13:47:09 | 000,000,336 | -H-- | M] () -- C:\ProgramData\31842040 [2011.06.23 13:41:57 | 000,000,392 | -H-- | M] () -- C:\ProgramData\31317752 [2011.06.23 13:39:03 | 000,000,593 | -H-- | M] () -- C:\Users\*****\Desktop\Windows Vista Repair.lnk [2011.06.23 13:39:03 | 000,000,240 | -H-- | M] () -- C:\ProgramData\~31317752 [2011.06.23 13:39:03 | 000,000,168 | -H-- | M] () -- C:\ProgramData\~31317752r [2011.06.20 13:18:54 | 000,000,030 | -H-- | M] () -- C:\Windows\Iedit_.INI [2011.06.02 11:42:26 | 000,508,128 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.06.01 12:35:02 | 000,008,798 | -H-- | M] () -- C:\Windows\System32\icrav03.rat [2011.06.01 12:35:02 | 000,001,988 | -H-- | M] () -- C:\Windows\System32\ticrf.rat [2011.06.01 12:34:43 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.06.01 12:34:43 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.06.01 12:34:43 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.06.01 12:34:43 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.06.01 12:34:43 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.06.01 12:34:43 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.06.01 12:34:43 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.06.01 12:34:42 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.06.01 12:34:42 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.06.01 12:34:42 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.06.01 12:34:42 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.06.01 12:34:42 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.06.01 12:34:42 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.06.01 12:34:42 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.06.01 12:34:42 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.06.01 12:34:42 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.06.01 12:34:42 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.06.01 12:34:42 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.06.01 12:34:41 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.06.01 12:34:41 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.06.01 12:34:41 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.06.01 12:34:41 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.06.01 12:34:41 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.06.01 12:34:41 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.06.01 12:34:41 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.06.01 12:34:40 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.06.01 12:34:40 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.06.01 12:34:40 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.06.01 12:34:40 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.06.01 12:34:40 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.06.01 12:34:40 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.06.01 12:34:40 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.06.01 12:34:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.06.01 12:34:40 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.06.01 12:34:40 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.06.01 12:34:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.06.01 11:03:51 | 000,435,945 | RH-- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.05.29 09:11:30 | 000,039,984 | -H-- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.27 23:00:44 | 000,022,016 | -H-- | M] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.23 13:47:29 | 000,000,240 | -H-- | C] () -- C:\ProgramData\~31842040 [2011.06.23 13:47:29 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~31842040r [2011.06.23 13:47:09 | 000,000,336 | -H-- | C] () -- C:\ProgramData\31842040 [2011.06.23 13:39:03 | 000,000,593 | -H-- | C] () -- C:\Users\*****\Desktop\Windows Vista Repair.lnk [2011.06.23 13:39:03 | 000,000,240 | -H-- | C] () -- C:\ProgramData\~31317752 [2011.06.23 13:39:03 | 000,000,168 | -H-- | C] () -- C:\ProgramData\~31317752r [2011.06.23 13:38:16 | 000,000,392 | -H-- | C] () -- C:\ProgramData\31317752 [2011.06.01 12:34:42 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.01.10 12:09:35 | 000,393,256 | -H-- | C] () -- C:\Windows\System32\CNQ2414N.DAT [2010.03.25 18:11:47 | 000,000,000 | -H-- | C] () -- C:\Windows\OpPrintServer.INI [2010.03.25 18:06:34 | 000,007,680 | -H-- | C] () -- C:\Windows\System32\CNMVS61.DLL [2010.03.01 20:03:40 | 000,000,030 | -H-- | C] () -- C:\Windows\Iedit_.INI [2010.02.19 22:48:59 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat [2009.08.06 18:48:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.06 18:46:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2008.11.16 01:41:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.06.18 20:51:06 | 000,147,456 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll [2008.03.25 16:56:08 | 000,147,456 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll [2007.11.30 13:43:22 | 000,073,216 | -H-- | C] () -- C:\Windows\cadkasdeinst01.exe [2007.11.28 21:05:39 | 000,000,120 | -H-- | C] () -- C:\Users\*****\AppData\Roaming\wklnhst.dat [2007.11.06 09:55:50 | 000,000,021 | -H-- | C] () -- C:\Windows\PMK35_SETUP.ini [2007.10.31 18:54:28 | 000,147,456 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1364.dll [2007.10.23 14:03:27 | 000,064,466 | -H-- | C] () -- C:\Users\*****\AppData\Roaming\mdb.bin [2007.10.12 17:01:07 | 000,000,096 | -H-- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2007.10.02 13:52:25 | 000,217,088 | RH-- | C] () -- C:\Windows\System32\MafiaSetup.exe [2007.10.02 13:41:18 | 000,217,088 | RH-- | C] () -- C:\Users\*****\AppData\Roaming\MafiaSetup.exe [2007.08.24 20:46:48 | 000,147,456 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll [2007.06.30 19:41:36 | 000,065,536 | -H-- | C] () -- C:\Windows\System32\dmcrypto.dll [2007.06.30 19:41:23 | 000,000,135 | -H-- | C] () -- C:\Windows\ODBC.INI [2007.06.30 19:41:22 | 000,000,209 | -H-- | C] () -- C:\Windows\ODBCINST.INI [2007.06.30 19:41:20 | 000,151,552 | -H-- | C] () -- C:\Windows\System32\hcwChDB.dll [2007.06.30 19:39:58 | 000,002,796 | -H-- | C] () -- C:\Windows\HCWPNP.INI [2007.06.26 16:47:14 | 000,000,533 | -H-- | C] () -- C:\Windows\eReg.dat [2007.06.24 09:43:44 | 000,114,938 | -H-- | C] () -- C:\Windows\hpqins13.dat [2007.06.21 10:22:42 | 000,000,305 | -H-- | C] () -- C:\ProgramData\addr_file.html [2007.06.18 15:22:31 | 000,022,016 | -H-- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.06.16 23:40:17 | 000,028,915 | -H-- | C] () -- C:\Users\*****\AppData\Roaming\UserTile.png [2007.06.16 16:39:55 | 000,097,312 | -H-- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin [2007.03.23 05:31:29 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll [2007.03.23 05:28:35 | 000,638,510 | -H-- | C] () -- C:\Windows\System32\perfh007.dat [2007.03.23 05:28:35 | 000,290,748 | -H-- | C] () -- C:\Windows\System32\perfi007.dat [2007.03.23 05:28:35 | 000,130,462 | -H-- | C] () -- C:\Windows\System32\perfc007.dat [2007.03.23 05:28:35 | 000,036,916 | -H-- | C] () -- C:\Windows\System32\perfd007.dat [2007.03.22 20:45:35 | 000,061,440 | -H-- | C] () -- C:\Windows\System32\OsdRemove.exe [2007.03.22 20:42:25 | 000,327,680 | -H-- | C] () -- C:\Windows\System32\pythoncom24.dll [2007.03.22 20:42:25 | 000,102,400 | -H-- | C] () -- C:\Windows\System32\pywintypes24.dll [2007.03.06 11:49:42 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll [2007.01.10 13:56:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\px.ini [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,508,128 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,604,126 | -H-- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,107,562 | -H-- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat [2006.08.11 00:00:40 | 000,520,192 | -H-- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006.08.11 00:00:40 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006.06.23 11:09:34 | 000,019,968 | RH-- | C] () -- C:\Windows\System32\cpuinf32.dll [2002.03.21 14:39:02 | 000,073,728 | RH-- | C] () -- C:\Windows\System32\UNACEV2.DLL [2002.03.20 21:01:06 | 000,006,688 | RH-- | C] () -- C:\Windows\System32\Digita.sys [2002.03.20 21:00:20 | 000,049,152 | RH-- | C] () -- C:\Windows\System32\TransportUSB.dll [2002.03.20 21:00:20 | 000,049,152 | RH-- | C] () -- C:\Windows\System32\TransportSerial.dll [2002.03.20 21:00:20 | 000,049,152 | RH-- | C] () -- C:\Windows\System32\TransportIrDA.dll [2002.03.20 21:00:20 | 000,049,152 | RH-- | C] () -- C:\Windows\System32\TransportIrCOMM.dll ========== LOP Check ========== [2007.06.27 20:27:29 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ACD Systems [2011.04.20 11:18:41 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\AeroSnapApp [2010.03.14 22:29:21 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Amazon [2007.09.19 17:24:33 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Audacity [2011.01.10 12:30:25 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Canon [2010.11.24 15:35:25 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\CD-LabelPrint [2011.02.20 16:13:52 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers [2007.12.23 13:57:43 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\FrostWire [2011.01.28 09:41:39 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Gutscheinmieze [2007.10.10 16:19:12 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ICAClient [2011.06.21 19:04:52 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2007.06.16 21:16:37 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ICQ Toolbar [2007.06.16 21:18:45 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ICQLite [2010.08.29 17:47:45 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\InfoRapid KnowledgeMap [2007.11.06 14:43:52 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Nikon [2011.06.02 13:40:04 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Nokia [2011.06.02 13:40:05 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Nokia Ovi Suite [2011.05.27 22:12:59 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Notepad++ [2009.08.07 10:02:18 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org [2011.06.01 21:41:54 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Opera [2010.12.02 15:44:22 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Orbit [2011.01.09 21:33:13 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\PC Suite [2007.06.16 23:46:17 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\PeerNetworking [2010.12.02 15:41:15 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\ProgSense [2011.02.05 11:12:26 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Software4u [2011.02.09 15:08:45 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Swiss Academic Software [2007.06.16 20:43:58 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Template [2007.06.20 17:13:43 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird [2007.10.07 17:15:24 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\TuneUp Software [2009.12.22 12:45:36 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\Ulead Systems [2007.06.18 13:45:32 | 000,000,000 | -H-D | M] -- C:\Users\*****\AppData\Roaming\WinBatch [2011.06.23 22:36:28 | 000,032,510 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report > Code:
ATTFilter OTL Extras logfile created on: 24.06.2011 09:15:05 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\*****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 69,20% Memory free
7,16 Gb Paging File | 6,21 Gb Available in Paging File | 86,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,16 Gb Total Space | 161,49 Gb Free Space | 55,27% Space Free | Partition Type: NTFS
Drive D: | 5,93 Gb Total Space | 0,88 Gb Free Space | 14,84% Space Free | Partition Type: NTFS
Drive J: | 120,23 Mb Total Space | 110,67 Mb Free Space | 92,05% Space Free | Partition Type: FAT
Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3154840364-857642331-359066050-1001]
"EnableNotifications" = 0
"EnableNotificationsRef" = 3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3154840364-857642331-359066050-1007]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{46F1FB8F-B9B5-46FC-8A76-4E968AE60BB9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{59CE40F6-1F41-41DD-89B9-37AC3CC4BD7E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69C004FD-0511-4B89-9386-18CD2C22378E}" = rport=139 | protocol=6 | dir=out | app=system |
"{6B137440-1497-421A-8EF2-5F8FFC411DEC}" = rport=445 | protocol=6 | dir=out | app=system |
"{7BFAF25A-38C6-4BFF-91FD-35D2D27DFA45}" = lport=137 | protocol=17 | dir=in | app=system |
"{843EC9EA-CBF4-4AE3-943F-DA042866F7D8}" = lport=139 | protocol=6 | dir=in | app=system |
"{9BC3842D-EC22-4F0C-9DB1-8E26B28D15FB}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{B02B64D7-6C01-4196-BFEC-0FE2CAAE485A}" = rport=137 | protocol=17 | dir=out | app=system |
"{B4D8709F-174F-424C-B0C8-1CEB1412FACB}" = lport=445 | protocol=6 | dir=in | app=system |
"{D3D078A3-73A1-4B2F-82B8-1B0D394A8F22}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3FA0E18-AB75-4879-BBB0-703C07166E8A}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{FCF96072-7C83-4ADB-9BBC-08BA2245AB6B}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{31CE8977-CF4B-4D4A-935E-3358F419F75E}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3494ACDF-4394-4E32-988C-DC1B5B640F5F}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{373EA412-9C9B-41A7-B4DB-3A1A31EE649F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3D31E802-5404-4346-938F-C08F95C14EA7}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3EFE3451-9143-4A8F-B0E0-1B4A03DF5292}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{43B2A958-7BE4-441C-85A6-57C02D23703F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4C4EF4A7-1B0C-4F79-AF21-9361EF6E2968}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{615DC410-8A66-4337-BB41-F1BFA9F4F9A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61B4ADC1-6DD2-4BA3-964A-A53DF14C2087}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{801F25DE-94E5-4575-80FC-256558864074}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{857A104D-4909-4F4C-A64F-F1F635AA11DB}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{9D1490D6-30E5-490B-B1C2-277AB7B35391}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A4A45014-8AD8-4519-AD01-D2EABBB9983D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AE527263-7C5C-4FB5-A786-BBA63261E7B8}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{B1761E96-35B2-4173-B19E-94AFDA8F66A3}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BAE466A5-8A96-4F9D-9643-9374BA2A831C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C221AEED-3C47-40B4-B702-46EC64F1715C}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{C899516A-8DF2-475D-9CE5-B8C7105691D9}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{DD83C523-57B3-49B3-AA7B-68A0E361F5B1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{2BF13BDE-A49F-4991-9561-714A718745DF}E:\bin\win32\player.exe" = protocol=6 | dir=in | app=e:\bin\win32\player.exe |
"TCP Query User{2FE38655-17FE-4BE4-9B1A-D979E0D59F93}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{62A90A24-08AD-4DC0-80AA-041B7730568C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{745EC40F-68B1-4E45-BBC6-50CCE1916CF4}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{84F5D283-9558-40D6-A51E-DEC08190FEA4}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9460DF45-51C5-4C3A-AEFC-BF35AA20415C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{CCC4128F-49B8-41A0-816B-29B68E35CDF9}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{D5DE1C5E-3FDC-435E-B518-771509FB0370}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{F9FD911D-B788-4ACB-91F0-D4DCE80E3898}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{01087E94-1B4A-485D-8BD9-633720CBF86E}E:\bin\win32\player.exe" = protocol=17 | dir=in | app=e:\bin\win32\player.exe |
"UDP Query User{32509996-C047-4D33-82A9-9CB36D7830F5}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{500309D8-6500-45BC-8DD1-C61746967634}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{51388839-FCF5-41A3-8456-A986094CC65A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{68DB9B9E-E98B-4C5B-B6A2-21AC37E792C9}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{818EE3B6-6353-4D3E-ABE2-C7B9468E7EA7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{821FE946-8910-4EA4-98BB-5622D22AF786}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E440117D-C18C-459A-8E51-6CF5DA591CA6}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E63EB759-79BB-4C47-846A-E133AC1B623E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Home & Student Suite X5
"_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Home & Student Suite X5 - Extra Content
"{031340C8-1733-40FE-BF52-83B599021BA9}" = CorelDRAW Graphics Suite X5 - IPM HSE
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414" = CanoScan LiDE 110 Scanner Driver
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{3463EABB-47C9-454D-BF13-474CAE5A9DA7}" = INKAR 2009
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{48C503D7-15A0-414A-B32E-0EFFA13B68E2}" = CorelDRAW Home & Student Suite X5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" = CorelDRAW Graphics Suite X5 - ES
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{78E804CC-A148-4C8F-AD46-0B476EFE34C2}" = Microsoft Image Composite Editor
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.8.7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8F18CFF8-8259-4148-AD00-2EE572754E92}" = CorelDRAW Graphics Suite X5 - FR
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{938C2383-A692-4D2C-AE45-024F91EF7B1D}" = CorelDRAW Graphics Suite X5 - PL
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" = CorelDRAW Graphics Suite X5 - NL
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CA12DA1D-25DD-4495-92D5-B1DE65D43C77}" = CorelDRAW Graphics Suite X5 - RU
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Home & Student Suite X5 - Extra Content
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" = CorelDRAW Graphics Suite X5 - IT
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}" = Roxio MyDVD Basic v9
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"ClearProg" = ClearProg 1.6.0 Final
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.57
"EAX Unified" = EAX Unified
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"LHTTSGED" = L&H TTS3000 Deutsch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Notepad++" = Notepad++
"OsdMaestro" = HP On-Screen Caps/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"SpywareBlaster_is1" = SpywareBlaster 4.4
"VLC media player" = VLC media player 1.1.9
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Schweizer Weltatlas" = Schweizer Weltatlas
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.03.2010 08:17:01 | Computer Name = *****-PC | Source = Perflib | ID = 1008
Description =
Error - 15.03.2010 02:47:27 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 15.03.2010 02:47:27 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 15.03.2010 02:47:28 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 15.03.2010 02:47:28 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 15.03.2010 02:47:29 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 15.03.2010 02:47:29 | Computer Name = *****-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 19.03.2010 07:41:24 | Computer Name = *****-PC | Source = Perflib | ID = 1010
Description =
Error - 19.03.2010 07:41:26 | Computer Name = *****-PC | Source = Perflib | ID = 1008
Description =
Error - 20.03.2010 11:03:21 | Computer Name = *****-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3667 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: fc8 Anfangszeit: 01cac80eb120e7a8 Zeitpunkt der Beendigung:
212
[ Media Center Events ]
Error - 19.03.2011 15:54:02 | Computer Name = *****-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center
Guide
Error - 19.03.2011 18:35:08 | Computer Name = *****-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center
Guide
Error - 22.03.2011 14:36:42 | Computer Name = *****-PC | Source = Media Center Guide | ID = 4
Description = Ereignisinformationen: Unbekannter Verbindungsfehler. Windows Media
Center konnte keine Internetverbindung herstellen. Weitere Informationen finden
Sie in der Hilfe. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 02.05.2011 18:02:24 | Computer Name = *****-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center
Guide
[ OSession Events ]
Error - 19.01.2011 04:44:37 | Computer Name = *****-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 245
seconds with 240 seconds of active time. This session ended with a crash.
Error - 23.05.2011 10:17:25 | Computer Name = *****-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5639
seconds with 4320 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 23.06.2011 16:34:53 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 23.06.2011 16:36:23 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2011 03:13:24 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.06.2011 03:13:47 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2011 03:15:17 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2011 03:15:29 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.06.2011 03:15:29 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 24.06.2011 03:16:47 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2011 03:18:17 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2011 03:19:47 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =
< End of report >
|
Baum-Darstellung