| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.01.2012, 19:15
| #1 |
| |  Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? Hallo zusammen, ich weiß, dass man sein Problem möglichst exakt definieren sollte, allerdings ist das nicht so einfach. Mein Rechner ist seit kurzem extrem langsam, das alleine nervt schon sehr. Außerdem verstellt sich aber auch immer öfter der Desktop nach dem Neustart, d.h. der Hintergrund ist weg, die Taskleiste verschwunden,... Kann mir jemand von euch sagen, was zu tun ist um rauszukriegen, wo das Problem liegt? Besten Dank! Nicky |
|
19.01.2012, 19:30
| #2 |
| /// Malware-holic   |  Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? hiho
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
19.01.2012, 21:29
| #3 |
| | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? So, hier nun also die Ergebnisse:
__________________OTL.txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 19.01.2012 19:40:14 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jana und Nicky\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free 6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.19 19:36:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jana und Nicky\Downloads\OTL.exe PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.12.09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe PRC - [2010.10.29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.09.20 00:43:04 | 000,204,800 | ---- | M] (ATK) -- C:\Program files\P4G\BatteryLife.exe PRC - [2008.07.24 11:16:01 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.07.19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2008.07.15 19:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2008.07.15 19:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2008.06.25 03:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2008.06.24 04:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2008.06.19 20:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe PRC - [2008.06.18 06:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe PRC - [2008.06.04 01:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008.01.23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe PRC - [2008.01.21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe PRC - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe PRC - [2007.07.06 00:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe PRC - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe ========== Modules (No Company Name) ========== MOD - [2012.01.19 19:03:20 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD - [2012.01.19 19:03:20 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2012.01.09 21:48:23 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2012.01.09 21:48:23 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2008.08.27 19:05:06 | 000,015,872 | ---- | M] () -- C:\Program files\P4G\OvrClk.dll MOD - [2008.08.20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program files\P4G\DevMng.dll MOD - [2008.07.19 03:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2008.06.09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2008.01.12 06:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe MOD - [2007.11.12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll MOD - [2007.08.14 21:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll MOD - [2007.07.12 21:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2007.07.12 21:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll MOD - [2007.03.10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll ========== Win32 Services (SafeList) ========== SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASCORE.EXE -- (!SASCORE) SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2008.01.21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008.01.21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) ========== Driver Services (SafeList) ========== DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASDIFSV.SYS -- (SASDIFSV) DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware 5.0.1142\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2010.09.13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2010.09.07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2010.09.07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2010.09.07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2010.09.07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2010.08.19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2010.08.19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2010.08.19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2008.09.19 13:20:59 | 007,404,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.09.05 21:20:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008.08.28 16:48:45 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.08.06 09:26:07 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008.06.03 07:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008.05.29 18:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby) DRV - [2008.04.01 08:13:57 | 001,807,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008.02.16 01:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007.07.30 19:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.07.30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006.12.14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {795828a9-f271-43a8-8536-4484bb991d3d} - No CLSID value found IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.93\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {795828A9-F271-43A8-8536-4484BB991D3D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware 5.0.1142\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5992A805-6A92-47A0-98D9-7D7639DDE6EF}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware 5.0.1142\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun O33 - MountPoints2\{01f8b756-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell - "" = AutoRun O33 - MountPoints2\{01f8b771-d14f-11de-b1d3-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell - "" = AutoRun O33 - MountPoints2\{1b1407ba-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell - "" = AutoRun O33 - MountPoints2\{1b1407bb-91bd-11df-9526-002354841119}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.01.09 21:48:11 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\SUPERAntiSpyware.com [2012.01.09 21:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012.01.09 21:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012.01.09 21:45:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware 5.0.1142 [2012.01.09 21:43:18 | 000,000,000 | ---D | C] -- C:\Users\Jana und Nicky\AppData\Roaming\Malwarebytes [2012.01.09 21:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.01.09 21:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.01.09 21:42:43 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.01.09 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti Malware 1.60 [2012.01.07 15:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.01.07 15:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.01.07 15:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.01.07 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Safari [2012.01.06 18:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2008.06.03 07:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys ========== Files - Modified Within 30 Days ========== [2012.01.19 19:02:18 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.01.19 19:02:13 | 000,032,726 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.01.19 19:02:13 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.01.19 19:01:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2012.01.19 19:01:46 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.01.19 19:01:42 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.19 19:01:34 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.19 19:01:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.19 19:00:50 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys [2012.01.19 14:23:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.01.13 13:11:57 | 000,635,680 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.13 13:11:57 | 000,602,238 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.13 13:11:57 | 000,129,990 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.13 13:11:57 | 000,107,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.11 19:21:06 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012.01.09 21:47:33 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.01.09 21:42:54 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.07 15:50:53 | 000,024,206 | ---- | M] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png [2012.01.07 15:34:40 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.01.07 15:29:47 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2012.01.07 15:29:06 | 000,000,628 | ---- | M] () -- C:\Windows\System32\mapisvc.inf [2012.01.06 18:58:03 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.01.06 18:41:44 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2012.01.06 18:41:44 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2012.01.06 18:41:27 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf ========== Files Created - No Company Name ========== [2012.01.09 21:47:33 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.01.09 21:42:54 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.07 15:50:53 | 000,024,206 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Roaming\UserTile.png [2012.01.07 15:34:40 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk [2012.01.07 15:29:47 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk [2012.01.06 18:41:27 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.10.23 08:36:20 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010.08.21 15:11:12 | 000,000,680 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\d3d9caps.dat [2009.11.14 20:40:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009.10.20 16:58:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.10.20 16:58:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.07.21 21:39:35 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.07.17 21:34:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2009.07.17 21:19:47 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.07.17 20:40:33 | 000,032,726 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.07.16 20:54:56 | 000,005,120 | ---- | C] () -- C:\Users\Jana und Nicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.16 19:50:44 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2009.07.16 19:09:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2009.03.09 19:54:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [2008.04.16 12:11:34 | 000,635,680 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.16 12:11:34 | 000,129,990 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2008.04.01 08:13:57 | 001,807,744 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2007.05.10 00:39:28 | 000,003,584 | ---- | C] () -- C:\Windows\System32\CNCFLcNL.DLL [2007.05.09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,392,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,602,238 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,107,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll ========== LOP Check ========== [2010.06.19 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\FileZilla [2009.11.05 14:04:08 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Leadertech [2009.11.05 13:16:37 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\Nordic Games [2009.07.16 20:39:56 | 000,000,000 | ---D | M] -- C:\Users\Jana und Nicky\AppData\Roaming\OpenOffice.org [2012.01.19 14:23:22 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.04.06 20:03:35 | 000,000,000 | -H-D | M] -- C:\$AVG [2009.07.16 19:21:00 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2009.03.09 21:47:06 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS [2009.10.22 09:55:23 | 000,000,000 | -HSD | M] -- C:\Boot [2011.03.03 14:15:29 | 000,000,000 | ---D | M] -- C:\Casino [2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2009.03.09 20:58:52 | 000,000,000 | ---D | M] -- C:\Intel [2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.01.09 21:46:02 | 000,000,000 | R--D | M] -- C:\Program Files [2012.01.11 19:21:06 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.10.23 08:42:57 | 000,000,000 | -H-D | M] -- C:\Recycle.Bin [2012.01.19 19:45:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2009.07.16 19:09:21 | 000,000,000 | R--D | M] -- C:\Users [2012.01.09 21:53:59 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\drivers\iaStor.sys [2008.09.12 06:32:55 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3c4af4a0\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes Anti Malware 1.60\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\drivers\MpNWMon.sys < %systemroot%\System32\config\*.sav > [2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2012.01.19 19:52:25 | 002,883,584 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT [2012.01.19 19:52:25 | 000,262,144 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG1 [2009.07.16 19:09:22 | 000,000,000 | -H-- | M] () -- C:\Users\Jana und Nicky\ntuser.dat.LOG2 [2012.01.19 14:23:44 | 000,065,536 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012.01.19 14:23:44 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2011.06.10 10:48:30 | 000,524,288 | -HS- | M] () -- C:\Users\Jana und Nicky\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2009.07.16 19:09:23 | 000,000,020 | -HS- | M] () -- C:\Users\Jana und Nicky\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 < > < End of report > Extras.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 19.01.2012 19:40:14 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jana und Nicky\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 51,42% Memory free
6,19 Gb Paging File | 4,79 Gb Available in Paging File | 77,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 114,51 Gb Free Space | 76,83% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 134,92 Gb Free Space | 98,25% Space Free | Partition Type: NTFS
Computer Name: JANAUNDNICKY-PC | User Name: Jana und Nicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18B40C1C-0830-4369-94DE-09CD8C651EF5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{276F8F68-8226-43FB-AAE3-B5448730731B}" = rport=139 | protocol=6 | dir=out | app=system |
"{3621FF72-0F16-4333-B2F0-6141CEA142E4}" = lport=137 | protocol=17 | dir=in | app=system |
"{4EA2A0C4-43E0-434B-84DF-73D7C4A44AF8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{587D0214-E505-4697-AC9B-162125AFD98D}" = lport=138 | protocol=17 | dir=in | app=system |
"{7D134EAC-2D1A-4118-84E6-A63F6F8D5AC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{82A78F61-C174-40C8-AF4B-2D4A734F3827}" = lport=445 | protocol=6 | dir=in | app=system |
"{885A0D0A-0AB8-4DC4-885E-C1E78FC3C597}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9EDD8C28-DBDA-49B7-8239-E646C4FCDAF7}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9F86E006-E487-428C-A7C2-88B6AC6FCAC4}" = lport=139 | protocol=6 | dir=in | app=system |
"{B48F8A36-A54B-400C-B135-37EA582F358C}" = rport=137 | protocol=17 | dir=out | app=system |
"{BD01D076-7807-4F76-91C6-48FE08EB490A}" = rport=138 | protocol=17 | dir=out | app=system |
"{CA661950-BCF3-4F9C-A76E-379AC43BEBB8}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8CFA5C1-52DA-4E85-9D96-BF90A2CE4E6C}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01872D39-6379-4351-81B6-8ACBC652FAC4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{02F5008D-58B8-404B-9377-1C9137F4269D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0451E882-4BBC-4BF5-AD10-CCF6247BD1CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0470FDA4-B3B3-4EB5-9A47-C506EE7E6A80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{079A5B39-4DCA-4FF9-9AF9-EE120BDC2611}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AD39CCC-1AB2-42F2-A3DA-DE739096F2D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DEBE2C3-F67B-4B1D-8839-6A56DA2CA065}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EA01597-E582-4A93-B85A-19BEEBD242C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F80572B-0E96-4670-AC3C-DEC74E9F5485}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{170E3978-AC91-4D2D-B758-3B14DEDD9A09}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2172B48D-D35E-43D9-A091-100E8AE07080}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{217F3BA4-D92F-47E9-B05D-144C4C32BE82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{281C8D46-434C-4B2D-8886-0BCCA7878EA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A4853AA-3286-4E61-A1CD-5AED9AE1F956}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2C83ECB3-DAB8-48C9-A621-FF662458F5CC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2FBEE68A-F5D7-402E-B37D-D0466F7BEB7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45786974-9352-4821-857D-EEB510D05195}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{459087F0-7E28-42D2-A992-8B31236EE062}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45FCC3DE-F822-473F-B4F6-0407942CB7C5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{4D68187D-74AB-44EE-BE0F-6292CEA0AA1A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4DC2181E-346A-4243-AD0F-4E87CED3441F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{544E492E-004A-41F1-AE3B-7F7F0152DF9E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5652C260-BD7C-49B5-BBCD-443A2B38C4B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B91BFA5-4331-457D-9601-1E5D27BDB08F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5DC96FB3-7866-405A-97BC-758A6C60F417}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{629E75B8-1079-4DB4-9DC7-9BB0BFDAE69D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68CEC4A8-4572-4E71-A8D6-9F7FA2FD34A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A8FD13D-6969-4BBB-9A6E-DAC611D0FC03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6B394C84-B31A-4AC6-8D0E-905192ED25E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7281E40B-1678-4751-8FBD-1D2419016794}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{73BDF3E5-A344-4B8B-BE92-3E8858C156A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7637E6FD-C6E4-416D-AA52-3C2B8D1193DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77F2C600-4312-40AB-A27B-1DB19F466B19}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7996B3E6-2E9B-48DE-9610-020D66F68C33}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{7B1D3E9E-D538-42F9-A286-AA90D2E9B942}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{872C33DD-5734-4814-88E5-5E62E3C24E49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87B8B52A-413F-4E73-B174-9674806FD404}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8A8A842F-8EBD-4D6F-BDCB-060AEF0BB8CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8ABC285D-0F67-4951-8691-1AB9EBABB8D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C471E4A-D8E7-445B-9D76-69922C2B13B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9920ECD5-57AB-4510-9058-8C6C1F0A1405}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99EB0145-B60A-44BE-8702-889B5CDB7317}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9BA58841-AB3A-4FA1-B653-843679FDF983}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DB92A0C-BCF3-4461-A103-4F379D16AEA2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9FD108B2-1362-4893-BCF9-4A8F809DEC19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9FF1B404-0EBB-4501-A30C-2D2AB1C2E57F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A0073CB2-1816-4BF5-B43C-2907AC462A3B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A194B4EA-01F2-46EB-8889-B78CCFB942B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6B0B95A-80C0-4603-8288-E5AB77CB9A1A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A729DC7F-1C32-4732-94BF-4E5E3F68BE24}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{AE1CB86F-B319-41B0-B393-CB86C15F70AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B053C84C-15E1-4D0D-9CE3-84EE4C4ACF33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2C3E220-2E0A-468D-87ED-759E7BBC256C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6E6DF19-49D2-491B-91A1-A2D6514BF409}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7B3AEB2-42CB-42FF-BAEC-DDEBDEE6FC35}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB4ACF43-1DEF-444C-A229-1DF9304BD59C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC1EB4F7-C498-4A19-B980-26DD96652463}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BED8B13D-0E3D-4239-AB6B-700B4DA432B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF9C790F-88DF-4441-96C6-699883D62624}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C44D4116-7E36-4433-8A2B-D9D7E65658F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6C982FA-E6E8-49E8-8C11-D867573CFF82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6CEBBB5-0DF2-4386-8B72-06788B31F956}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C79BFE04-BD3B-4DDB-841F-D2E0D9BAE307}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA7D8B43-57D6-4C56-B0CA-ADE72A8DDB36}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA7F75CD-1C24-4229-953A-8C9A99CB753E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDD0ADBC-7A2C-41F1-8629-1385DF399A7B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D656E8BF-12C1-4AAD-901A-4F35764173E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0A68BF3-98C3-4D8B-B8C2-2E191807C810}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E3989692-EA23-49BE-B6D2-6B99C1A298F9}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E86A5342-51E5-4856-9B6F-7E1615D770F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE45CE25-7CB5-4970-AF20-CB1A1D73A47F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0552143-CD9C-4A1A-8B9D-6DD0D3D00364}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8EFFA99-FE78-4F55-BC5E-22642CBED0DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{36932D1F-3B36-4301-AB61-1984C9D8F523}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{4783F3EB-AB99-4C27-8C9D-CD69B288F776}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{317AB8DA-3C8E-4C1A-B789-2F6733808524}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{F7A54F87-F1EE-4980-B433-7BFC1C31C13F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}" = Express Gate
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.1.0.1
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS_Notebook_N50" = ASUS_Notebook_N50 Screen Saver
"CCleaner" = CCleaner
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.11.2010 16:23:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.11.2010 09:11:42 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.11.2010 09:13:32 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description =
Error - 25.11.2010 09:13:39 | Computer Name = JanaundNicky-PC | Source = System Restore | ID = 8193
Description =
Error - 25.11.2010 15:17:46 | Computer Name = JanaundNicky-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 25.11.2010 15:19:15 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 25.11.2010 15:19:16 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 25.11.2010 15:55:36 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00066739, Prozess-ID 0x1740, Anwendungsstartzeit
01cb8cda54ff4ac3.
Error - 25.11.2010 16:02:59 | Computer Name = JanaundNicky-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18975, Zeitstempel
0x4c8710a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00066739, Prozess-ID 0x16d0, Anwendungsstartzeit
01cb8cdb14b1e853.
[ Media Center Events ]
Error - 14.05.2010 15:27:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 04.07.2010 09:59:06 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 05.09.2010 03:45:14 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 06.11.2010 02:08:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 29.01.2011 05:07:55 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 29.01.2011 07:07:25 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 31.01.2011 06:43:44 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 14.03.2011 14:56:09 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 23.04.2011 03:04:08 | Computer Name = JanaundNicky-PC | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
[ System Events ]
Error - 18.01.2012 16:13:38 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 18.01.2012 16:14:55 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 19.01.2012 06:28:54 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.01.2012 06:30:51 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 19.01.2012 09:12:46 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 19.01.2012 09:13:19 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.01.2012 09:15:02 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 19.01.2012 14:02:04 | Computer Name = JanaundNicky-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 19.01.2012 14:02:34 | Computer Name = JanaundNicky-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 19.01.2012 14:03:45 | Computer Name = JanaundNicky-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
Danke!! |
|
19.01.2012, 21:33
| #4 |
| /// Malware-holic | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? öffne malwarebytes, logdateien, scan berichte posten. das selbe bei super antispyware
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
19.01.2012, 21:37
| #5 |
| | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? Meinst du z.b. das hier? 2012/01/19 11:30:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/01/19 11:30:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/01/19 11:30:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/01/19 11:30:28 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/01/19 14:14:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/01/19 14:14:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/01/19 14:14:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/01/19 14:14:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/01/19 19:03:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/01/19 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/01/19 19:04:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/01/19 19:04:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/01/19 19:04:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.01.18.05 to version v2012.01.19.03 2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/01/19 19:04:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/01/19 19:04:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/01/19 19:04:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/01/19 19:04:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully |
|
19.01.2012, 23:00
| #6 |
| | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? Hier der Log von SUPERAntiSpyware: SUPERAntiSpyware Scan Log hxxp://www.superantispyware.com Generated 01/19/2012 at 10:58 PM Application Version : 5.0.1142 Core Rules Database Version : 8115 Trace Rules Database Version: 5927 Scan type : Complete Scan Total Scan Time : 01:18:57 Operating System Information Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002) UAC On - Administrator Memory items scanned : 649 Memory threats detected : 0 Registry items scanned : 36533 Registry threats detected : 0 File items scanned : 68038 File threats detected : 144 Adware.Tracking Cookie C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\OIBRXIHV.txt [ /tracking.quisma.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\U91669E3.txt [ /ads.creative-serving.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\OR2V7QPN.txt [ /ad.adnet.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\JI0JFDER.txt [ /adtech.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\59P77PE9.txt [ /ad.ad-srv.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\YZ4393W9.txt [ /ad.zanox.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\QQM80QTU.txt [ /atdmt.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XGL8VSWS.txt [ /dyntracker.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\P89B9ENI.txt [ /www.zanox-affiliate.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\29YHR0RS.txt [ /apmebf.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\D2LDUMHT.txt [ /eas.apm.emediate.eu ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\VMXSYYYI.txt [ /ad4.adfarm1.adition.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\8OLERRTN.txt [ /olympiaverlag.122.2o7.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\HROMIPG6.txt [ /advertising.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\QP0SAQXX.txt [ /adform.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\L8H65U3P.txt [ /imrworldwide.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\V76PMH06.txt [ /adviva.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\G4XJCRNO.txt [ /zanox-affiliate.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\4DKNRPXD.txt [ /track.adform.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ID5C4GDX.txt [ /adserver.adtechus.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\DY85XZEF.txt [ /adfarm1.adition.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\5VPQOZ67.txt [ /bs.serving-sys.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ERJL0JPL.txt [ /traffictrack.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\FQU48GFP.txt [ /banners.victor.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XH7CWUHJ.txt [ /tradedoubler.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\ABLG0Z4P.txt [ /ad.360yield.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\SYBR1KL9.txt [ /smartadserver.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\XO87HBSY.txt [ /ad.yieldmanager.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\9ZWI0MVA.txt [ /serving-sys.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\W2GX5FRB.txt [ /specificclick.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\KB6FWZ45.txt [ /de.sitestat.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\NE6RWFI6.txt [ /ad.adc-serv.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\WXQIODFU.txt [ /ad1.adfarm1.adition.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\VBP68BDT.txt [ /a.revenuemax.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\3HQX5H8F.txt [ /ad3.adfarm1.adition.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\RKYA1W2Y.txt [ /invitemedia.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\4Q015XUF.txt [ /de.sitestat.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\JWRFYQFU.txt [ /mediaplex.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\H9JP76Z6.txt [ /webmasterplan.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\LJ94AESD.txt [ /revsci.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\WPZRSB4V.txt [ /doubleclick.net ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\PK4V0J4D.txt [ /ad2.adfarm1.adition.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\CE4UMDS3.txt [ /unitymedia.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\TW9NK6OE.txt [ /media.gan-online.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\GGQ0TNKL.txt [ /de.sitestat.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\E086DWBK.txt [ /ads.gea.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\EWMLXM3M.txt [ /xiti.com ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\X3CPYMX1.txt [ /im.banner.t-online.de ] C:\Users\Jana und Nicky\AppData\Roaming\Microsoft\Windows\Cookies\AAFQZ5N8.txt [ /zanox.com ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1RPLUHBF.txt [ Cookie:jana und nicky@tracking.quisma.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJY0QGK3.txt [ Cookie:jana und nicky@www.pornme.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\0BEJ6Z6G.txt [ Cookie:jana und nicky@pornsextub.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\JJZGBDOU.txt [ Cookie:jana und nicky@adtech.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6H5VZBLF.txt [ Cookie:jana und nicky@ad.adnet.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\RI3BO5BB.txt [ Cookie:jana und nicky@bijpornos.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\90XQVNMV.txt [ Cookie:jana und nicky@adbrite.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\WPQOCI54.txt [ Cookie:jana und nicky@atdmt.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1SPR925E.txt [ Cookie:jana und nicky@rachesex.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\F2D38LF8.txt [ Cookie:jana und nicky@ad.dyntracker.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z3C2AW10.txt [ Cookie:jana und nicky@go.dynamic-tracking.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TXLI513Y.txt [ Cookie:jana und nicky@questionmarket.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TCVO0EDJ.txt [ Cookie:jana und nicky@apmebf.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XQWMKKXE.txt [ Cookie:jana und nicky@2o7.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\73648H7R.txt [ Cookie:jana und nicky@adserver2.clipkit.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\JW49WHLR.txt [ Cookie:jana und nicky@olympiaverlag.122.2o7.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\T6KT826D.txt [ Cookie:jana und nicky@advertising.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\FFVSCTY7.txt [ Cookie:jana und nicky@www.traffective-tracking.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4A03X25H.txt [ Cookie:jana und nicky@adform.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\D7ZTP31F.txt [ Cookie:jana und nicky@edates.traffective-tracking.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\WG2P5JKR.txt [ Cookie:jana und nicky@zanox-affiliate.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y60Y0ZS8.txt [ Cookie:jana und nicky@adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XRW38WIZ.txt [ Cookie:jana und nicky@banners.victor.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\IE7Y7UDL.txt [ Cookie:jana und nicky@www.rachesex.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DJ4AOV4I.txt [ Cookie:jana und nicky@traffictrack.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\G31TSIYW.txt [ Cookie:jana und nicky@tradedoubler.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\O2VF2KBG.txt [ Cookie:jana und nicky@www.bijpornos.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\AK97TGZR.txt [ Cookie:jana und nicky@smartadserver.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\2XGHGRNO.txt [ Cookie:jana und nicky@ad.yieldmanager.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\GDUH1IYR.txt [ Cookie:jana und nicky@serving-sys.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TC0XT1Q.txt [ Cookie:jana und nicky@pornme.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\PQ784SGD.txt [ Cookie:jana und nicky@specificclick.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\KDGZHC6U.txt [ Cookie:jana und nicky@ero-advertising.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\S5GG1IDY.txt [ Cookie:jana und nicky@insightexpressai.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\NRT0GLVK.txt [ Cookie:jana und nicky@ads.crakmedia.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\39OVU1DE.txt [ Cookie:jana und nicky@tracking.mindshare.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\H4A1ZJUK.txt [ Cookie:jana und nicky@de.sitestat.com/laola1/thesportsman-tv/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\U67TFVS1.txt [ Cookie:jana und nicky@ad1.adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\N318SOWO.txt [ Cookie:jana und nicky@www.googleadservices.com/pagead/conversion/1039866069/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\QZC0QEF3.txt [ Cookie:jana und nicky@a.revenuemax.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\09L78VQR.txt [ Cookie:jana und nicky@tiniporn.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VVBO68HJ.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\9KWWXQMG.txt [ Cookie:jana und nicky@media6degrees.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\530CNCWU.txt [ Cookie:jana und nicky@mediaplex.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3SS02NDU.txt [ Cookie:jana und nicky@webmasterplan.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\73SUNUKY.txt [ Cookie:jana und nicky@ad2.adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\3VY5QS59.txt [ Cookie:jana und nicky@doubleclick.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DREYMLIQ.txt [ Cookie:jana und nicky@unitymedia.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\BL4R76Q5.txt [ Cookie:jana und nicky@wlw.122.2o7.net/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\UH58NDMR.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/sport1-de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\VRXDG1FP.txt [ Cookie:jana und nicky@xiti.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\DN07V7C4.txt [ Cookie:jana und nicky@im.banner.t-online.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\YU984QA1.txt [ Cookie:jana und nicky@adserv.kwick.de/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\XIHWGRSA.txt [ Cookie:jana und nicky@lfstmedia.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\TGWZBH20.txt [ Cookie:jana und nicky@zanox.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\5308Y83I.txt [ Cookie:jana und nicky@www.vagosex.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\6Z3HJTIB.txt [ Cookie:jana und nicky@r1-ads.ace.advertising.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\8KYDW7Z9.txt [ Cookie:jana und nicky@www.googleadservices.com/pagead/conversion/1017131048/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CCKZ1NF.txt [ Cookie:jana und nicky@ru4.com/ ] C:\USERS\JANA UND NICKY\AppData\Roaming\Microsoft\Windows\Cookies\Low\0Y6SDYBR.txt [ Cookie:jana und nicky@server.adform.net/ ] C:\USERS\JANA UND NICKY\Cookies\OIBRXIHV.txt [ Cookie:jana und nicky@tracking.quisma.com/ ] C:\USERS\JANA UND NICKY\Cookies\OR2V7QPN.txt [ Cookie:jana und nicky@ad.adnet.de/ ] C:\USERS\JANA UND NICKY\Cookies\JI0JFDER.txt [ Cookie:jana und nicky@adtech.de/ ] C:\USERS\JANA UND NICKY\Cookies\QQM80QTU.txt [ Cookie:jana und nicky@atdmt.com/ ] C:\USERS\JANA UND NICKY\Cookies\29YHR0RS.txt [ Cookie:jana und nicky@apmebf.com/ ] C:\USERS\JANA UND NICKY\Cookies\D2LDUMHT.txt [ Cookie:jana und nicky@eas.apm.emediate.eu/ ] C:\USERS\JANA UND NICKY\Cookies\8OLERRTN.txt [ Cookie:jana und nicky@olympiaverlag.122.2o7.net/ ] C:\USERS\JANA UND NICKY\Cookies\HROMIPG6.txt [ Cookie:jana und nicky@advertising.com/ ] C:\USERS\JANA UND NICKY\Cookies\QP0SAQXX.txt [ Cookie:jana und nicky@adform.net/ ] C:\USERS\JANA UND NICKY\Cookies\G4XJCRNO.txt [ Cookie:jana und nicky@zanox-affiliate.de/ ] C:\USERS\JANA UND NICKY\Cookies\DY85XZEF.txt [ Cookie:jana und nicky@adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\Cookies\ERJL0JPL.txt [ Cookie:jana und nicky@traffictrack.de/ ] C:\USERS\JANA UND NICKY\Cookies\FQU48GFP.txt [ Cookie:jana und nicky@banners.victor.com/ ] C:\USERS\JANA UND NICKY\Cookies\XH7CWUHJ.txt [ Cookie:jana und nicky@tradedoubler.com/ ] C:\USERS\JANA UND NICKY\Cookies\SYBR1KL9.txt [ Cookie:jana und nicky@smartadserver.com/ ] C:\USERS\JANA UND NICKY\Cookies\XO87HBSY.txt [ Cookie:jana und nicky@ad.yieldmanager.com/ ] C:\USERS\JANA UND NICKY\Cookies\9ZWI0MVA.txt [ Cookie:jana und nicky@serving-sys.com/ ] C:\USERS\JANA UND NICKY\Cookies\W2GX5FRB.txt [ Cookie:jana und nicky@specificclick.net/ ] C:\USERS\JANA UND NICKY\Cookies\KB6FWZ45.txt [ Cookie:jana und nicky@de.sitestat.com/laola1/thesportsman-tv/ ] C:\USERS\JANA UND NICKY\Cookies\WXQIODFU.txt [ Cookie:jana und nicky@ad1.adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\Cookies\VBP68BDT.txt [ Cookie:jana und nicky@a.revenuemax.de/ ] C:\USERS\JANA UND NICKY\Cookies\4Q015XUF.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/ ] C:\USERS\JANA UND NICKY\Cookies\JWRFYQFU.txt [ Cookie:jana und nicky@mediaplex.com/ ] C:\USERS\JANA UND NICKY\Cookies\H9JP76Z6.txt [ Cookie:jana und nicky@webmasterplan.com/ ] C:\USERS\JANA UND NICKY\Cookies\WPZRSB4V.txt [ Cookie:jana und nicky@doubleclick.net/ ] C:\USERS\JANA UND NICKY\Cookies\PK4V0J4D.txt [ Cookie:jana und nicky@ad2.adfarm1.adition.com/ ] C:\USERS\JANA UND NICKY\Cookies\CE4UMDS3.txt [ Cookie:jana und nicky@unitymedia.de/ ] C:\USERS\JANA UND NICKY\Cookies\GGQ0TNKL.txt [ Cookie:jana und nicky@de.sitestat.com/sport1/sport1-de/ ] C:\USERS\JANA UND NICKY\Cookies\EWMLXM3M.txt [ Cookie:jana und nicky@xiti.com/ ] C:\USERS\JANA UND NICKY\Cookies\X3CPYMX1.txt [ Cookie:jana und nicky@im.banner.t-online.de/ ] C:\USERS\JANA UND NICKY\Cookies\AAFQZ5N8.txt [ Cookie:jana und nicky@zanox.com/ ] cdn1.static.pornhub.phncdn.com [ C:\USERS\JANA UND NICKY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7253Y72G ] data-ero-advertising.com [ C:\USERS\JANA UND NICKY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7253Y72G ] media.adxpansion.com [ C:\USERS\JANA UND NICKY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7253Y72G ] s0.2mdn.net [ C:\USERS\JANA UND NICKY\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7253Y72G ] |
|
20.01.2012, 13:17
| #7 |
| /// Malware-holic | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? ja, halt alle Malwarebytes logs die vorhanden sind. hast du das mit der proxy einstellung und dem hintergrund hinbekommen?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
05.04.2012, 15:49
| #8 |
| | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? Sorry für die lange Abwesenheit... Problem besteht nach wie vor. Wie soll ich strukturiert vorgehen, um Klarheit darüber zu erhalten, was mit der Kiste los ist? Problem ist, dass der Rechner von mehreren genutzt wird - und keiner sich wirklich darum kümmert... |
|
05.04.2012, 15:53
| #9 |
| /// Malware-holic | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? naja, die frage ist ja immernoch, gibt es mehr Malwarebytes berichte als du gepostet hast?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
05.04.2012, 16:16
| #10 |
| | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? Leider nicht. Lasse gerade Malwarebytes laufen, den Log könnte ich noch posten sobald er fertig ist. Sonst noch was, was ich machen könnte? So, hier mal ein Auszug aus den Log Dateien von Malwarebytes... 2012/04/06 10:23:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/06 10:23:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/06 10:23:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/06 10:23:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/05 12:58:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/04/05 12:58:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.24.03 to version v2012.04.05.04 2012/04/05 13:58:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/05 13:58:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/05 13:58:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/05 13:58:34 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/05 16:35:20 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/05 16:35:23 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/05 16:35:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/05 16:35:28 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/04/05 16:37:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/04/05 16:37:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/04/05 16:37:17 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/05 16:37:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/04 12:14:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/04 12:14:51 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/04 12:14:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/04 12:14:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/04 12:39:18 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/04 12:39:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/04 12:39:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/04 12:39:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/04 14:07:36 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/04 14:07:39 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/04 14:07:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/04 14:07:43 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/03 18:25:03 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/03 18:25:06 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/03 18:25:09 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/03 18:25:11 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/03 20:23:49 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/03 20:23:52 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/03 20:23:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/03 20:23:56 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/01 13:37:24 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/01 13:37:26 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/01 13:37:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/01 13:37:31 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50703, Process: iexplore.exe) 2012/04/01 14:09:41 +0200 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50705, Process: iexplore.exe) 2012/04/01 20:25:27 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/04/01 20:25:29 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/04/01 20:25:32 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/04/01 20:25:55 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/31 21:37:54 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/31 21:37:57 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/31 21:38:00 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/31 21:38:01 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/30 13:02:42 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/30 13:02:45 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/30 13:02:48 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/30 13:02:50 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/25 09:43:02 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/25 09:43:05 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/25 09:43:08 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/25 09:43:10 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/25 20:53:13 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/25 20:53:15 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: No address found failed with error code 11004 2012/03/25 20:53:16 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/25 20:53:19 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/25 20:53:21 +0200 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/24 20:14:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/24 20:14:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/24 20:14:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/24 20:14:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/24 20:18:54 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent QUARANTINE 2012/03/24 20:19:46 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY 2012/03/24 20:19:49 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION c:\users\jana und nicky\appdata\local\microsoft\windows\temporary internet files\content.ie5\k35b0xjw\pdfconvertersetup.exe Adware.Agent DENY 2012/03/24 20:21:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.20.07 to version v2012.03.24.03 2012/03/24 20:22:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/03/24 20:22:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/03/24 20:22:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/24 20:22:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/22 21:32:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/22 21:32:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/22 21:32:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/22 21:32:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW 2012/03/22 22:14:56 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW 2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW 2012/03/22 22:15:07 +0100 JANAUNDNICKY-PC Jana und Nicky DETECTION C:\Users\Jana und Nicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K35B0XJW\PDFConverterSetup.exe Adware.Agent ALLOW 2012/03/21 19:18:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/21 19:18:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/21 19:18:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/21 19:18:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/20 19:34:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/20 19:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/20 19:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/20 19:34:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/20 19:46:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.15.05 to version v2012.03.20.07 2012/03/20 19:46:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/03/20 19:46:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/03/20 19:46:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/20 19:46:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/20 19:51:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/20 19:51:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/20 19:51:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/20 19:51:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/18 07:15:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/18 07:15:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/18 07:15:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/18 07:15:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/18 11:45:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/18 11:45:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/18 11:45:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/18 11:45:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50982, Process: iexplore.exe) 2012/03/18 12:10:37 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 50983, Process: iexplore.exe) 2012/03/17 14:18:02 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/17 14:18:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/17 14:18:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/17 14:18:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/17 14:52:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/17 14:52:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/17 14:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/17 14:53:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/16 21:24:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/16 21:24:03 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/16 21:24:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/16 21:24:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/15 09:04:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/15 09:04:36 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/15 09:04:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/15 09:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/15 12:31:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/15 12:31:11 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/15 12:31:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/15 12:31:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/15 19:03:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/15 19:03:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/15 19:03:50 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/15 19:03:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.10.02 to version v2012.03.15.05 2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/03/15 19:03:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/03/15 19:03:56 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/03/15 19:03:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/15 19:04:00 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/14 20:56:39 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/14 20:56:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/14 20:56:44 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/14 20:56:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/13 12:56:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/13 12:56:16 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/13 12:56:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/13 12:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/13 21:34:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/13 21:34:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/13 21:34:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/13 21:34:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/11 13:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/11 13:20:42 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/11 13:20:45 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/11 13:20:47 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/11 19:49:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/11 19:49:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/11 19:49:51 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/11 19:49:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/11 20:29:06 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/11 20:29:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/11 20:29:12 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/11 20:29:13 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 49191, Process: iexplore.exe) 2012/03/11 20:30:08 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 212.117.179.154 (Type: outgoing, Port: 49196, Process: iexplore.exe) 2012/03/10 12:09:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/10 12:09:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/10 12:09:27 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/10 12:09:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/10 12:20:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.03.06.06 to version v2012.03.10.02 2012/03/10 12:20:40 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/03/10 12:20:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/03/10 12:20:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/10 12:20:57 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/10 20:56:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/10 20:56:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/10 20:56:24 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/10 20:56:25 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/07 19:00:09 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/07 19:00:15 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/07 19:00:18 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/07 19:00:21 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/07 19:55:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/07 19:55:34 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/07 19:55:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/07 19:55:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/06 13:04:30 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/06 13:04:35 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/06 13:04:38 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/06 13:04:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/06 20:07:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/06 20:07:23 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/06 20:07:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/06 20:07:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting database refresh 2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Scheduled update executed successfully: database updated from version v2012.02.29.04 to version v2012.03.06.06 2012/03/06 20:07:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Stopping IP protection 2012/03/06 20:07:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection stopped 2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Database refreshed successfully 2012/03/06 20:07:48 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/06 20:07:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/05 12:17:22 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/05 12:17:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/05 12:17:32 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/05 12:17:37 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/05 19:39:19 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/05 19:39:26 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/05 19:39:29 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/05 19:39:33 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/05 19:49:47 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 94.100.17.25 (Type: outgoing, Port: 55324, Process: skype.exe) 2012/03/05 19:49:56 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 94.100.17.25 (Type: outgoing, Port: 55324, Process: skype.exe) 2012/03/04 12:29:59 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/04 12:30:04 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/04 12:30:07 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/04 12:30:10 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/04 12:31:59 +0100 JANAUNDNICKY-PC Jana und Nicky IP-BLOCK 83.128.67.0 (Type: outgoing, Port: 55324, Process: skype.exe) 2012/03/03 12:51:41 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/03 12:51:43 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Executing scheduled update: Daily 2012/03/03 12:51:46 +0100 JANAUNDNICKY-PC Jana und Nicky ERROR Scheduled update failed: Net Exception failed with error code 10093 2012/03/03 12:51:49 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/03 12:51:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/03 12:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/03 19:51:53 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/03 19:51:58 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/03 19:52:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/03 19:52:05 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/03 22:52:46 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/03 22:52:52 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/03 22:52:55 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/03 22:53:01 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully 2012/03/01 11:16:08 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting protection 2012/03/01 11:16:14 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Protection started successfully 2012/03/01 11:16:17 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE Starting IP protection 2012/03/01 11:16:20 +0100 JANAUNDNICKY-PC Jana und Nicky MESSAGE IP Protection started successfully Hier noch die Log-Datei von SuperAntiSpyware... SUPERAntiSpyware Scann-Protokoll hxxp://www.superantispyware.com Generiert 04/06/2012 bei 11:47 AM Version der Applikation : 5.0.1144 Version der Kern-Datenbank : 8115 Version der Spur-Datenbank : 5927 Scan Art : kompletter Scann Totale Scann-Zeit : 00:48:38 Operating System Information Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002) UAC On - Limited User (Administrator User) Gescannte Speicherelemente : 652 Erfasste Speicher-Bedrohungen : 0 Gescannte Register-Elemente : 36549 Erfasste Register-Bedrohungen : 0 Gescannte Datei-Elemente : 39533 Erfasste Datei-Elemente : 0 |
|
06.04.2012, 16:41
| #11 |
| /// Malware-holic | Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? dann machen wir das gerät einmal komplett neu. 1. Datenrettung:
ich werde außerdem noch weitere punkte dazu posten. 4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen. 6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen. [/code]
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Rechner extrem langsam, Desktop verstellt sich ständig - was kann das sein? |
| desktop, extrem, extrem langsam, hallo zusammen, hintergrund, kurzem, langsam, nervt, neustart, problem, rechner, taskleiste, verschwunden, verstellt, zusammen, öfter |
Linear-Darstellung
