| Peterfisher | 31.07.2010 14:48 |
Also habe mit Malewarebytes einen Scan gemacht, und einen Funde bekommen, diesen habe ich beseitigt.
Welcher das war ist hier zu sehen: http://www.fotos-hochladen.net/virus1469b8u2.jpg Und der Bericht von MALEWAREBYTES
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4373
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
31.07.2010 15:34:41
mbam-log-2010-07-31 (15-34-41).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 222739
Laufzeit: 1 Stunde(n), 0 Minute(n), 45 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Programme\HyperCam Toolbar\somoto.dll (Adware.EcoBar) -> Quarantined and deleted successfully.
Außerdem habe ich wie Verlangt noch die 2 OTL texte:
Welche wiefolgt Lauten
OTL Logfile: Code:
OTL logfile created on: 31.07.2010 15:39:42 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,84 Gb Total Space | 10,64 Gb Free Space | 21,79% Space Free | Partition Type: NTFS
Drive D: | 100,20 Gb Total Space | 32,12 Gb Free Space | 32,06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BASTI-20827E50C
Current User Name: Bastian
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Process Revealer Free Edition\prfree.exe (Logixoft)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\WINXP\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Razer\Diamondback\razerhid.exe ()
PRC - C:\Programme\Razer\Diamondback\razerofa.exe (Razer Inc.)
PRC - C:\Programme\Razer\Diamondback\razertra.exe ()
PRC - C:\WINXP\system32\PAStiSvc.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVComS.exe (Logitech Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINXP\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINXP\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (npggsvc) -- C:\WINXP\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (STI Simulator) -- C:\WINXP\system32\PAStiSvc.exe ()
========== Driver Services (SafeList) ==========
DRV - (XDva347) -- C:\WINXP\System32\XDva347.sys File not found
DRV - (GEARAspiWDM) -- C:\WINXP\System32\DRIVERS\GEARAspiWDM.sys File not found
DRV - (EagleNT) -- C:\WINXP\System32\drivers\EagleNT.sys File not found
DRV - (KLIF) -- C:\WINXP\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (sptd) -- C:\WINXP\System32\Drivers\sptd.sys ()
DRV - (kl2) -- C:\WINXP\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\WINXP\system32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (hamachi) -- C:\WINXP\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (atksgt) -- C:\WINXP\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINXP\system32\drivers\lirsgt.sys ()
DRV - (SCREAMINGBDRIVER) -- C:\WINXP\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (klmouflt) -- C:\WINXP\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINXP\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (VClone) -- C:\WINXP\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (fssfltr) -- C:\WINXP\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\WINXP\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINXP\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (NCHSSVAD) -- C:\WINXP\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (nv) -- C:\WINXP\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (AtiHdmiService) -- C:\WINXP\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINXP\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AmdLLD) -- C:\WINXP\system32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (videX32) -- C:\WINXP\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (Razerlow) -- C:\WINXP\system32\drivers\Razerlow.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (PAC207) -- C:\WINXP\system32\drivers\PFC027.sys ()
DRV - (HDAudBus) -- C:\WINXP\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (TTCinergyT2) TerraTec Cinergy T² Driver (TTCinergyT2.sys) -- C:\WINXP\system32\drivers\TTCinergyT2.sys (TerraTec Electronic GmbH)
DRV - (gameenum) -- C:\WINXP\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINXP\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WmHidLo) -- C:\WINXP\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINXP\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINXP\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINXP\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmXlCore) -- C:\WINXP\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (QCMerced) -- C:\WINXP\system32\drivers\lvcm.sys (Logitech Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.27 18:25:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.28 14:32:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010.07.29 10:37:44 | 000,000,000 | ---D | M]
[2010.02.18 19:20:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Mozilla\Extensions
[2010.07.30 17:32:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Mozilla\Firefox\Profiles\id44jffz.default\extensions
[2009.09.27 00:17:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Mozilla\Firefox\Profiles\id44jffz.default\extensions\moveplayer@movenetworks.com
[2010.07.31 14:52:56 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.22 22:05:16 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.07.28 14:32:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.29 10:38:44 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.05.29 22:34:57 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.07.25 16:09:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.25 16:09:14 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.25 16:09:14 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.25 16:09:14 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.25 16:09:14 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2001.08.23 12:00:00 | 000,000,820 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINXP\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Diamondback] C:\Programme\Razer\Diamondback\razerhid.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMS] C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVComS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINXP\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINXP\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINXP\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.191.92.86 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINXP\system32\klogon.dll - C:\WINXP\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.12 11:28:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\DOKUME~1\ALLUSE~1\ANWEND~1\SPYWAR~1\sp_rsdel.exe "\??\C:\DOKUME~1\ALLUSE~1\ANWEND~1\SPYWAR~1\sp_rsdel.dat,) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.07.31 14:14:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Malwarebytes
[2010.07.31 14:14:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbamswissarmy.sys
[2010.07.31 14:14:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys
[2010.07.31 14:14:35 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.31 14:14:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.07.30 20:28:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Process Hacker 2
[2010.07.30 18:15:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Threat Expert
[2010.07.30 18:02:09 | 000,000,000 | ---D | C] -- C:\Programme\Spyware Doctor
[2010.07.30 18:00:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.07.30 17:20:13 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\WINXP\IsUninst.exe
[2010.07.30 17:10:02 | 000,000,000 | ---D | C] -- C:\Programme\Process Revealer Free Edition
[2010.07.30 17:10:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\prfree
[2010.07.30 16:54:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\QuickScan
[2010.07.29 10:37:07 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.07.29 10:37:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
[2010.07.29 10:36:44 | 000,477,784 | ---- | C] (Kaspersky Lab) -- C:\WINXP\System32\drivers\klif.sys
[2010.07.29 10:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
[2010.07.28 14:33:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.07.28 14:32:48 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINXP\System32\deployJava1.dll
[2010.07.28 14:32:48 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINXP\System32\javaws.exe
[2010.07.28 14:32:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINXP\System32\javaw.exe
[2010.07.28 14:32:48 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINXP\System32\java.exe
[2010.07.28 12:18:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Bastian\Recent
[2010.07.28 12:17:45 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.27 17:23:01 | 000,000,000 | ---D | C] -- C:\WINXP\pss
[2010.07.27 12:57:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\PriceGong
[2010.07.27 12:57:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.07.27 11:16:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Toolbar4
[2010.07.27 11:16:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
[2010.07.26 12:29:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Red Kawa
[2010.07.26 12:29:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Red Kawa
[2010.07.25 21:11:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia
[2010.07.25 16:05:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\PriceGong
[2010.07.19 20:30:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Geckofx
[2010.07.19 20:30:15 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5
[2010.07.19 20:30:08 | 000,000,000 | ---D | C] -- C:\Programme\Red Kawa
[2010.07.18 15:33:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\FreeVideoConverter
[2010.07.18 15:33:06 | 000,000,000 | ---D | C] -- C:\Programme\Free Video Converter
[2010.07.18 15:31:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
[2010.07.18 15:31:38 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.07.18 15:31:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.07.18 15:31:37 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2010.07.16 21:26:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Help
[2010.07.14 14:29:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Publish Providers
[2010.07.14 14:27:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Sony
[2010.07.14 14:27:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Sony
[2010.07.14 14:26:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
[2010.07.14 14:26:20 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2010.07.14 14:23:16 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild
[2010.07.14 14:20:54 | 000,000,000 | ---D | C] -- C:\WINXP\System32\XPSViewer
[2010.07.14 14:20:53 | 000,000,000 | ---D | C] -- C:\WINXP\System32\en-us
[2010.07.14 14:20:26 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2010.07.14 14:20:08 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINXP\System32\spmsg2.dll
[2010.07.14 14:17:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Sony Setup
[2010.07.14 00:04:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\MAGIX Downloads
[2010.07.14 00:04:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\MAGIX_Video_Pro_X2
[2010.07.14 00:03:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\MAGIX
[2010.07.14 00:02:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\Xara
[2010.07.14 00:02:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared
[2010.07.14 00:02:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\MAGIX_Screenshare
[2010.07.14 00:01:32 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX
[2010.07.14 00:01:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2010.07.14 00:01:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Services
[2010.07.13 20:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Desktop\Dt Wow
[2010.07.13 20:52:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\DVDVideoSoft
[2010.07.13 20:52:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
[2010.07.13 20:52:00 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.07.12 19:18:03 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\WINXP\System32\drivers\AmdLLD.sys
[2010.07.12 19:18:02 | 000,000,000 | ---D | C] -- C:\Programme\AMD
[2010.07.12 19:17:59 | 000,000,000 | ---D | C] -- C:\WINXP\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2010.07.11 14:02:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\vlc
[2010.07.11 14:00:51 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.07.06 11:51:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bastian\WINDOWS
[7 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.31 15:37:11 | 000,258,753 | ---- | M] () -- C:\WINXP\System32\NvApps.xml
[2010.07.31 15:37:07 | 000,000,006 | -H-- | M] () -- C:\WINXP\tasks\SA.DAT
[2010.07.31 15:37:05 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2010.07.31 15:36:20 | 010,747,904 | -H-- | M] () -- C:\Dokumente und Einstellungen\Bastian\NTUSER.DAT
[2010.07.31 15:35:56 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Bastian\ntuser.ini
[2010.07.31 15:34:08 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Virus.bmp
[2010.07.31 14:14:39 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.30 22:31:48 | 000,002,239 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.07.30 21:01:05 | 000,090,624 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.29 22:21:02 | 000,001,148 | ---- | M] () -- C:\WINXP\win.ini
[2010.07.29 22:21:02 | 000,000,227 | ---- | M] () -- C:\WINXP\system.ini
[2010.07.29 22:21:02 | 000,000,219 | RHS- | M] () -- C:\boot.ini
[2010.07.29 17:46:58 | 000,113,933 | ---- | M] () -- C:\WINXP\System32\drivers\klin.dat
[2010.07.29 17:46:58 | 000,097,549 | ---- | M] () -- C:\WINXP\System32\drivers\klick.dat
[2010.07.29 10:36:44 | 000,477,784 | ---- | M] (Kaspersky Lab) -- C:\WINXP\System32\drivers\klif.sys
[2010.07.28 12:22:13 | 000,414,162 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\cc_20100728_122154.reg
[2010.07.27 10:24:34 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl
[2010.07.26 19:25:52 | 000,000,209 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Alien Swarm.url
[2010.07.25 11:40:16 | 000,000,823 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Outlook Express.lnk
[2010.07.18 01:48:30 | 000,004,141 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\.recently-used.xbel
[2010.07.17 22:29:31 | 000,304,160 | ---- | M] () -- C:\StiImg.dat
[2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINXP\System32\javaws.exe
[2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINXP\System32\javaw.exe
[2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINXP\System32\java.exe
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINXP\System32\deployJava1.dll
[2010.07.17 02:42:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINXP\System32\javacpl.cpl
[2010.07.14 23:09:31 | 000,211,288 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT
[2010.07.14 19:43:04 | 000,003,033 | -HS- | M] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Folder.jpg
[2010.07.14 19:43:04 | 000,001,194 | -HS- | M] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\AlbumArtSmall.jpg
[2010.07.14 14:37:34 | 000,062,808 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.07.14 14:28:59 | 000,002,544 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Vegas Pro registrieren.htm
[2010.07.14 14:27:00 | 000,001,505 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Vegas Pro 9.0.lnk
[2010.07.14 14:23:34 | 001,024,608 | ---- | M] () -- C:\WINXP\System32\PerfStringBackup.INI
[2010.07.14 14:23:34 | 000,443,102 | ---- | M] () -- C:\WINXP\System32\perfh007.dat
[2010.07.14 14:23:34 | 000,427,906 | ---- | M] () -- C:\WINXP\System32\perfh009.dat
[2010.07.14 14:23:34 | 000,078,708 | ---- | M] () -- C:\WINXP\System32\perfc007.dat
[2010.07.14 14:23:34 | 000,066,690 | ---- | M] () -- C:\WINXP\System32\perfc009.dat
[2010.07.09 20:42:57 | 000,000,038 | ---- | M] () -- C:\WINXP\TETRIS.INI
[2010.07.09 19:44:38 | 004,283,852 | -H-- | M] () -- C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.06 11:56:08 | 000,000,083 | ---- | M] () -- C:\WINXP\wa.INI
[2010.07.02 18:49:13 | 000,000,536 | ---- | M] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Wotlk.lnk
[7 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.31 15:34:08 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Virus.bmp
[2010.07.31 14:14:39 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.29 10:38:11 | 000,113,933 | ---- | C] () -- C:\WINXP\System32\drivers\klin.dat
[2010.07.29 10:38:11 | 000,097,549 | ---- | C] () -- C:\WINXP\System32\drivers\klick.dat
[2010.07.28 12:21:58 | 000,414,162 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\cc_20100728_122154.reg
[2010.07.26 19:25:52 | 000,000,209 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Alien Swarm.url
[2010.07.25 11:40:16 | 000,000,823 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Outlook Express.lnk
[2010.07.18 01:48:30 | 000,004,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\.recently-used.xbel
[2010.07.14 19:43:04 | 000,003,033 | -HS- | C] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Folder.jpg
[2010.07.14 19:43:04 | 000,001,194 | -HS- | C] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\AlbumArtSmall.jpg
[2010.07.14 14:28:59 | 000,002,544 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Vegas Pro registrieren.htm
[2010.07.14 14:27:00 | 000,001,505 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Vegas Pro 9.0.lnk
[2010.07.14 14:23:13 | 000,133,120 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.07.14 00:02:10 | 000,120,200 | ---- | C] () -- C:\WINXP\System32\DLLDEV32i.dll
[2010.07.09 11:36:36 | 000,000,038 | ---- | C] () -- C:\WINXP\TETRIS.INI
[2010.07.06 11:56:08 | 000,000,083 | ---- | C] () -- C:\WINXP\wa.INI
[2010.07.02 18:49:16 | 000,000,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Bastian\Desktop\Wotlk.lnk
[2010.06.29 19:58:11 | 000,691,696 | ---- | C] () -- C:\WINXP\System32\drivers\sptd.sys
[2010.01.30 20:00:14 | 000,484,352 | ---- | C] () -- C:\WINXP\System32\lame_enc.dll
[2010.01.07 21:01:25 | 000,279,712 | ---- | C] () -- C:\WINXP\System32\drivers\atksgt.sys
[2010.01.07 21:01:25 | 000,025,888 | ---- | C] () -- C:\WINXP\System32\drivers\lirsgt.sys
[2009.10.16 18:16:05 | 000,000,754 | ---- | C] () -- C:\WINXP\WORDPAD.INI
[2009.07.02 19:51:39 | 000,000,010 | ---- | C] () -- C:\WINXP\WININIT.INI
[2009.01.24 13:28:04 | 000,000,241 | ---- | C] () -- C:\WINXP\QSync.INI
[2009.01.24 13:27:18 | 000,081,920 | ---- | C] () -- C:\WINXP\System32\LVUI2RC.dll
[2009.01.24 13:27:18 | 000,010,628 | ---- | C] () -- C:\WINXP\System32\lvcoinst.ini
[2009.01.24 13:26:51 | 000,000,804 | ---- | C] () -- C:\WINXP\_delis32.ini
[2008.07.26 06:48:00 | 001,724,416 | ---- | C] () -- C:\WINXP\System32\nvwdmcpl.dll
[2008.07.26 06:48:00 | 001,499,136 | ---- | C] () -- C:\WINXP\System32\nview.dll
[2008.07.26 06:48:00 | 001,101,824 | ---- | C] () -- C:\WINXP\System32\nvwimg.dll
[2008.07.26 06:48:00 | 000,466,944 | ---- | C] () -- C:\WINXP\System32\nvshell.dll
[2008.07.26 06:48:00 | 000,286,720 | ---- | C] () -- C:\WINXP\System32\nvnt4cpl.dll
[2005.02.24 09:59:14 | 000,162,176 | ---- | C] () -- C:\WINXP\System32\drivers\PFC027.sys
[2005.01.25 12:45:42 | 000,010,240 | ---- | C] () -- C:\WINXP\System32\PA207USD.DLL
[2004.04.23 10:36:42 | 000,298,496 | ---- | C] () -- C:\WINXP\System32\dbfb.dll
[1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\WINXP\System32\indounin.dll
[1997.06.13 08:56:08 | 000,056,832 | ---- | C] () -- C:\WINXP\System32\Iyvu9_32.dll
[1996.02.08 17:40:58 | 000,004,519 | --S- | C] () -- C:\WINXP\System32\nslnet5.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >
--- --- --- UND
OTL Logfile: Code:
OTL Extras logfile created on: 31.07.2010 15:39:42 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,84 Gb Total Space | 10,64 Gb Free Space | 21,79% Space Free | Partition Type: NTFS
Drive D: | 100,20 Gb Total Space | 32,12 Gb Free Space | 32,06% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BASTI-20827E50C
Current User Name: Bastian
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"59142:TCP" = 59142:TCP:*:Enabled:Pando Media Booster
"59142:UDP" = 59142:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"D:\Spiele\GUILD WARS\Gw.exe" = D:\Spiele\GUILD WARS\Gw.exe:*:Enabled:GUILD WARS -- (ArenaNet)
"D:\Programme\Metin2_Germany\metin2.bin" = D:\Programme\Metin2_Germany\metin2.bin:*:Enabled:metin2 -- File not found
"C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\WoW-2.3.0.7561-deDE\Installer.exe" = C:\Dokumente und Einstellungen\Bastian\Eigene Dateien\WoW-2.3.0.7561-deDE\Installer.exe:*:Enabled:Installer -- File not found
"C:\Soldat\Soldat.exe" = C:\Soldat\Soldat.exe:*:Enabled:Soldat -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Dokumente und Einstellungen\Bastian\Desktop\bcsetup.exe" = C:\Dokumente und Einstellungen\Bastian\Desktop\bcsetup.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\Steam\SteamApps\1roy23\day of defeat source\hl2.exe" = D:\Programme\Steam\SteamApps\1roy23\day of defeat source\hl2.exe:*:Enabled:hl2 -- File not found
"D:\Programme\Warcraft III\Warcraft III.exe" = D:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"D:\Programme\Warcraft III\War3.exe" = D:\Programme\Warcraft III\War3.exe:*:Enabled:Warcraft III -- File not found
"D:\Programme\TmNationsForever\TmForever.exe" = D:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found
"C:\WINXP\system32\rtcshare.exe" = C:\WINXP\system32\rtcshare.exe:*:Enabled:RTC-Gemeinsame Nutzung von Anwendungen -- (Microsoft Corporation)
"D:\Programme\alaplaya\S4League\S4Client.exe" = D:\Programme\alaplaya\S4League\S4Client.exe:*:Enabled:Project S4 Client.exe -- ()
"D:\Programme\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.exe" = D:\Programme\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.exe:*:Disabled:Launcher -- File not found
"D:\Programme\alaplaya\S4League\patcher_s4.exe" = D:\Programme\alaplaya\S4League\patcher_s4.exe:*:Enabled:S4League -- ((c) Neowiz Games)
"D:\Programme\alaplaya\S4League\HShield\HSUpdate.exe" = D:\Programme\alaplaya\S4League\HShield\HSUpdate.exe:*:Enabled:HSUpdate -- (AhnLab, Inc.)
"D:\Programme\alaplaya\S4League\HShield\ShadowUser.exe" = D:\Programme\alaplaya\S4League\HShield\ShadowUser.exe:*:Enabled:ShadowUser -- File not found
"D:\Programme\alaplaya\S4League\HShield\Update\autoup.exe" = D:\Programme\alaplaya\S4League\HShield\Update\autoup.exe:*:Enabled:autoup -- (AhnLab, Inc.)
"D:\Soldat\Soldat.exe" = D:\Soldat\Soldat.exe:*:Enabled:Soldat -- (Michal Marcinkowski)
"D:\Programme\Steam\SteamApps\1roy23\source sdk base\hl2.exe" = D:\Programme\Steam\SteamApps\1roy23\source sdk base\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- File not found
"D:\Programme\Microsoft Games\Halo\halo.exe" = D:\Programme\Microsoft Games\Halo\halo.exe:*:Enabled:Halo -- File not found
"D:\Programme\Unreal Tournament 2004\System\UT2004.exe" = D:\Programme\Unreal Tournament 2004\System\UT2004.exe:*:Enabled:UT2004 -- File not found
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\WINXP\system32\dpvsetup.exe" = C:\WINXP\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Classic (tvtv Setup) -- File not found
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Classic -- File not found
"C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Classic (Auto Update) -- File not found
"C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Temp\{0B7F046A-29FE-42B4-A497-D1BB23DD1FEA}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe" = C:\Dokumente und Einstellungen\Bastian\Lokale Einstellungen\Temp\{0B7F046A-29FE-42B4-A497-D1BB23DD1FEA}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe:*:Enabled:TerraTec Home Cinema (Setup) -- File not found
"D:\Programme\Steam\SteamApps\1roy23\half-life 2 deathmatch\hl2.exe" = D:\Programme\Steam\SteamApps\1roy23\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"D:\Programme\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe" = D:\Programme\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:jk2mp -- File not found
"C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Dokumente und Einstellungen\Bastian\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Disabled:Main program for Octoshape client -- File not found
"D:\Programme\Steam\SteamApps\1roy23\condition zero deleted scenes\hl.exe" = D:\Programme\Steam\SteamApps\1roy23\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"D:\Programme\Steam\Steam.exe" = D:\Programme\Steam\Steam.exe:*:Enabled:Steam 732897 -- (Valve Corporation)
"D:\Programme\Microsoft Games\Age of Mythology\aomx.exe" = D:\Programme\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion -- File not found
"D:\Programme\World of Warcraft\WoW-3.2.0-deDE-downloader.exe" = D:\Programme\World of Warcraft\WoW-3.2.0-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"D:\Programme\World of Warcraft\Launcher.exe" = D:\Programme\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"D:\Programme\League of Legends\Air\LolClient.exe" = D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- ()
"D:\Programme\League of Legends\Game\League of Legends.exe" = D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"D:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = D:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\DNA\btdna.exe" = C:\Programme\DNA\btdna.exe:*:Enabled:DNA -- File not found
"D:\AeriaGames\WolfTeam-DE\Wolfteam.bin" = D:\AeriaGames\WolfTeam-DE\Wolfteam.bin:*:Enabled:WolfTeam -- File not found
"C:\AeriaGames\WolfTeam-DE\Wolfteam.bin" = C:\AeriaGames\WolfTeam-DE\Wolfteam.bin:*:Enabled:WolfTeam -- File not found
"D:\Programme\wa.exe" = D:\Programme\wa.exe:*:Enabled:Worms Armageddon -- File not found
"C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe" = C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi -- File not found
"D:\Programme\Steam\SteamApps\1roy23\counter-strike\hl.exe" = D:\Programme\Steam\SteamApps\1roy23\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"D:\Programme\halo.exe" = D:\Programme\halo.exe:*:Enabled:Halo -- File not found
"D:\Programme\Steam\SteamApps\common\alien swarm\srcds.exe" = D:\Programme\Steam\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server -- ()
"D:\Programme\Steam\SteamApps\common\alien swarm\swarm.exe" = D:\Programme\Steam\SteamApps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm -- ()
"D:\Programme\Steam\SteamApps\common\alien swarm\bin\SDKLauncher.exe" = D:\Programme\Steam\SteamApps\common\alien swarm\bin\SDKLauncher.exe:*:Enabled:Alien Swarm - SDK -- ()
"D:\Programme\Steam\SteamApps\1roy23\counter-strike source\hl2.exe" = D:\Programme\Steam\SteamApps\1roy23\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0A9C92A5-D27F-4BD9-9DB9-0EFD8C681E29}" = Safari
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39CC52FD-0D9E-47DA-B491-4FE095AB84B7}_is1" = SmartMorph 1.53
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CE4B975-A5C1-43C0-A565-C00F0ABFC94C}" = PC-Bibliothek 3.0
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5527CA99-AAEC-45E2-9EB9-CED0BB2FC2BD}" = MorphVOX Pro
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"{6B7E4A1A-BBE1-4E8F-ABD2-7FCE1168E032}" = MAGIX 3D Maker (embedded MSI)
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7BD0D8F8-A13C-48D2-B201-4AD29A48AF34}" = Google SketchUp 7
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{948BE614-F37B-4A73-AD43-0245F23C110D}" = Logitech GamePanel Software 2.00
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{97922AE1-B850-4B21-85EF-FD1E7ED20D65}" = MAGIX Speed 2 (MSI)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{D96021A9-B290-4783-B019-0E4000DA84CE}" = S4 League_EU
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}" = Razer Diamondback
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F67BF1DF-8461-46DA-BAF2-DAE86548C547}" = Cinergy*Digital 2
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ATI Display Driver" = ATI Display Driver
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Fraps" = Fraps
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Free Video Dub_is1" = Free Video Dub version 1.7
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 4.0
"Guild Wars" = GUILD WARS
"GuildWars Visions_is1" = GuildWars Visions v1.08
"HD Tune_is1" = HD Tune 2.55
"HyperCam 2" = HyperCam 2
"HyperCam Toolbar" = HyperCam Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{F6CE1230-A694-4B86-B21C-A11A112689DA}" = Trust WB-1400T Webcam
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Anti-Virus 2011
"IrfanView" = IrfanView (remove only)
"Junction Link Magic_is1" = Junction Link Magic 2.0
"Kalenderchen_is1" = Kalenderchen 4
"League of Legends_is1" = League of Legends
"MAGIX Screenshare D" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MobMap_is1" = MobMap 3.53
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSNINST" = MSN
"Mumble" = Mumble and Murmur
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Process Revealer Free Edition" = Process Revealer Free Edition 1.0
"PSP Video 9" = PSP Video 9 5.04
"Soldat_is1" = Soldat 1.5.0
"Source Violence Patch 1.5 BETA v2_is1" = Source Violence Patch 1.5 BETA
"Steam App 10" = Counter-Strike
"Steam App 100" = Condition Zero Deleted Scenes
"Steam App 215" = Source SDK Base
"Steam App 400" = Portal
"Steam App 630" = Alien Swarm
"Steam App 640" = Alien Swarm - SDK
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.0
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Worms Armageddon" = Worms Armageddon
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.07.2010 16:14:40 | Computer Name = BASTI-20827E50C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 11.0.5721.5145, fehlgeschlagenes
Modul mumble_ol.dll, Version 0.0.0.0, Fehleradresse 0x00010c62.
Error - 26.07.2010 16:26:23 | Computer Name = BASTI-20827E50C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung swarm.exe, Version 0.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 26.07.2010 19:18:43 | Computer Name = BASTI-20827E50C | Source = Bonjour Service | ID = 100
Description = 200: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 27.07.2010 10:59:40 | Computer Name = BASTI-20827E50C | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 27.07.2010 14:11:31 | Computer Name = BASTI-20827E50C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung swarm.exe, Version 0.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.07.2010 06:30:28 | Computer Name = BASTI-20827E50C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3855, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.07.2010 06:30:28 | Computer Name = BASTI-20827E50C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3855, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.07.2010 16:07:27 | Computer Name = BASTI-20827E50C | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 30.07.2010 08:56:33 | Computer Name = BASTI-20827E50C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ts3client_win32.exe, Version 1.0.0.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 30.07.2010 13:28:30 | Computer Name = BASTI-20827E50C | Source = Userenv | ID = 1512
Description = Die Registrierungsdatei konnte nicht entladen werden. Der für die
Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dies wird oft
durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen
Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
Wenden Sie sich an den Netzwerkadministrator, wenn das Problem weiterhin besteht.
Details - Nicht genügend Systemressourcen, um den angeforderten Dienst auszuführen.
[ System Events ]
Error - 27.07.2010 04:29:06 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:29:09 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:29:14 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:29:14 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:29:16 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:29:20 | Computer Name = BASTI-20827E50C | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 27.07.2010 04:50:22 | Computer Name = BASTI-20827E50C | Source = NetBT | ID = 4321
Description = Der Name "FAMILIE :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.2.132 registriert werden. Der Computer mit IP-Adresse 192.168.2.183
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 29.07.2010 04:38:17 | Computer Name = BASTI-20827E50C | Source = Service Control Manager | ID = 7000
Description = Der Dienst "kl2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error - 31.07.2010 09:35:53 | Computer Name = BASTI-20827E50C | Source = DCOM | ID = 10010
Description = Der Server "{B2B3C70A-B20F-40B7-90C5-EA7E946C16E0}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 31.07.2010 09:37:22 | Computer Name = BASTI-20827E50C | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ViaIde
< End of report >
--- --- ---
PS: ich hoffe ich hab das richtige und das ihr daraus was erkennen könnt :( |
