Log analysis and evaluation: PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible! Windows 7
15.04.2010, 05:27 | #1

PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible!

Hi, I'm not quite sure whether my topic belongs here, but I hope so. Unfortunately I'm someone who doesn't know PCs all that well, but I have the problem that my PC simply freezes: the mouse doesn't work, input of any kind no longer works, the screen is simply frozen, it hangs. Mostly this happens to me when I'm connected to the internet and running at full-screen resolution, e.g. while I'm playing Counter-Strike-Source. Ctrl+Alt+Del doesn't work either! Sometimes it also just hangs when I'm simply surfing the internet. I hope you can help me... hopefully it's not a virus or trojan or some other junk like that =)

The logs:

from Malwarebytes

Malwarebytes' Anti-Malware 1.45
w*w.malwarebytes.org

Datenbank Version: 3988

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

15.04.2010 05:03:56
mbam-log-2010-04-15 (05-03-56).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 109245
Laufzeit: 6 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

....now the RSIT logs...
the log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by **** at 2010-04-15 05:21:06
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 3 GB (1%) free of 477 GB
Total RAM: 4094 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:21:12, on 15.04.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal

Running processes:
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Programme\GDATA\AVKTray\AVKTray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAB8SWK.EXE
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Program Files (x86)\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Users\***\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://w*w.daemon-search.com/default
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ht*p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ht*p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h*tp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h*tp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\GDATA\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\users\***\saved games\steam\steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Gangsters2Setup.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra 'Tools' menuitem: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O9 - Extra 'Tools' menuitem: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UB\UB.lnk (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - h*tp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - ht*p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: AvkLink32 - G DATA Software AG - C:\Programme\GDATA\AVK\AVKLnk32.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:\Programme\GDATA\AVK\AVKService.exe
O23 - Service: AntiVirus Wächter (AVKWCtl) - G DATA Software AG - C:\Programme\GDATA\AVK\AVKWCtlX64.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12803 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{AA93048B-BE70-4702-BAE5-1294877AB5EE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G DATA WebFilter - C:\Programme\GDATA\Webfilter\AVKWebIE.dll [2008-08-19 656968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2010-04-15 1598744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2009-03-14 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-26 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-14 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
FlashFXP Helper for Internet Explorer - C:\PROGRA~2\FlashFXP\IEFlash.dll [2007-05-16 191096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Programme\GDATA\Webfilter\AVKWebIE.dll [2008-08-19 656968]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2008-08-08 691656]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll [2009-03-14 251504]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]
{AD6E6555-FB2C-47D4-8339-3E2965509877} - TerraTec Home Cinema - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL [2009-02-26 526336]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll [2010-02-23 1664256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe [2007-07-23 3502080]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-06-06 1261568]
"G DATA AntiVirus Trayapplication"=C:\Programme\GDATA\AVKTray\AVKTray.exe [2008-08-19 994376]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2008-08-04 36352]
"Sony Ericsson PC Suite"=C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-06-05 292136]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2010-04-15 2059544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"Steam"=c:\users\***\saved games\steam\steam.exe [2010-02-20 1217872]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-14 39408]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Gangsters2Setup.lnk - E:\Applet.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e384d54-ac15-11dd-b240-001fc64954bd}]
shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{142bfac4-3c29-11df-908b-001fc64954bd}]
shell\AutoRun\command - G:\POGRESHILI///sudbinemi.exe
shell\open\command - G:\POGRESHILI///sudbinemi.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63cc3da5-a92b-11dd-8e78-001fc64954bd}]
shell\AutoRun\command - E:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8890f4c0-a1e3-11dd-aa37-001fc64954bd}]
shell\AutoRun\command - E:\EmDesk.exe
shell\EmDesk\command - E:\EmDesk.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae9456e3-a1e2-11dd-bca0-806e6f6e6963}]
shell\AutoRun\command - D:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{def0d9f4-ca27-11dd-bc97-001fc64954bd}]
shell\AutoRun\command - setupSNK.exe

======List of files/folders created in the last 1 months======

2081-10-08 18:29:48 ----A---- C:\Windows\dd_NET_Framework35_LangPack_MSI6CAE.txt
2081-10-08 18:29:30 ----A---- C:\Windows\dd_depcheck_NETFX_EXP_35.txt
2081-10-08 18:29:20 ----A---- C:\Windows\dd_dotnetfx35error_lp.txt
2081-10-08 18:29:19 ----A---- C:\Windows\dd_dotnetfx35install_lp.txt
2010-04-15 05:21:06 ----D---- C:\rsit
2010-04-15 05:21:06 ----D---- C:\Program Files (x86)\trend micro
2010-04-15 04:26:25 ----D---- C:\Users\***\AppData\Roaming\Malwarebytes
2010-04-15 04:25:57 ----D---- C:\ProgramData\Malwarebytes
2010-04-15 04:25:57 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-04-15 03:43:03 ----HD---- C:\$AVG
2010-04-15 03:29:52 ----SHD---- C:\Config.Msi
2010-04-15 03:05:34 ----D---- C:\2967bd363b0d071f346a
2010-04-15 02:30:07 ----D---- C:\ProgramData\AVG Security Toolbar
2010-04-15 02:28:46 ----D---- C:\Program Files (x86)\AVG
2010-04-15 02:28:45 ----D---- C:\ProgramData\avg9
2010-04-14 16:13:57 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 16:12:49 ----A---- C:\Windows\system32\cabview.dll
2010-04-14 16:12:48 ----A---- C:\Windows\system32\wintrust.dll
2010-04-03 08:10:52 ----D---- C:\ProgramData\Sun
2010-04-03 08:10:27 ----A---- C:\Windows\system32\javaws.exe
2010-04-03 08:10:27 ----A---- C:\Windows\system32\javaw.exe
2010-04-03 08:10:27 ----A---- C:\Windows\system32\java.exe
2010-03-31 21:08:09 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 21:08:06 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 21:08:06 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 21:08:06 ----A---- C:\Windows\system32\occache.dll
2010-03-31 21:08:05 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 21:08:04 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-31 21:08:03 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 21:08:03 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 21:08:03 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 21:08:03 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 21:08:02 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 21:08:02 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 21:08:02 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 21:08:02 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 21:08:02 ----A---- C:\Windows\system32\ieaksie.dll
2010-03-31 21:08:01 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-31 01:14:12 ----A---- C:\Windows\ODBC.INI
2010-03-31 01:05:25 ----D---- C:\Program Files (x86)\Microsoft Works Suite 2004
2010-03-21 13:44:56 ----A---- C:\Windows\system32\winhttp.dll
2010-03-19 20:37:06 ----A---- C:\Windows\system32\schannel.dll
2010-03-19 20:37:06 ----A---- C:\Windows\system32\kerberos.dll
2010-03-18 23:36:58 ----A---- C:\Windows\Counter Strike 1.6 Reloaded Uninstaller.exe
2010-03-18 23:34:33 ----D---- C:\Program Files (x86)\Counter Strike 1.6 Reloaded
2010-03-18 22:34:35 ----D---- C:\Program Files (x86)\hamachi-aliases
2010-03-16 21:26:34 ----D---- C:\Program Files (x86)\PokerStars
2010-03-16 21:16:26 ----D---- C:\Programs
2010-03-16 21:15:29 ----D---- C:\Users\***\AppData\Roaming\UB
2010-03-16 20:49:51 ----D---- C:\Users\***\AppData\Roaming\Absolute Poker
2010-03-16 20:49:49 ----D---- C:\Poker Application
2010-03-16 20:00:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-16 19:57:44 ----D---- C:\Poker
2010-03-16 02:48:20 ----D---- C:\bwinPoker

======List of files/folders modified in the last 1 months======

2010-04-15 05:21:07 ----D---- C:\Windows\Temp
2010-04-15 05:21:06 ----RD---- C:\Program Files (x86)
2010-04-15 05:14:37 ----D---- C:\Windows\System32
2010-04-15 05:14:37 ----D---- C:\Windows\inf
2010-04-15 04:48:53 ----D---- C:\Windows\Prefetch
2010-04-15 04:48:53 ----D---- C:\Program Files (x86)\CCleaner
2010-04-15 04:26:00 ----D---- C:\Windows\system32\drivers
2010-04-15 04:25:57 ----HD---- C:\ProgramData
2010-04-15 04:15:08 ----D---- C:\Windows\Debug
2010-04-15 03:34:54 ----SHD---- C:\Windows\Installer
2010-04-15 03:34:54 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 03:30:55 ----SHD---- C:\System Volume Information
2010-04-15 03:27:20 ----D---- C:\Windows\winsxs
2010-04-15 03:08:09 ----D---- C:\Windows\SysWOW64
2010-04-15 03:08:09 ----D---- C:\Program Files (x86)\Windows Mail
2010-04-15 02:30:44 ----RD---- C:\Users
2010-04-15 02:27:50 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-04-15 02:26:34 ----D---- C:\Windows
2010-04-15 02:05:23 ----D---- C:\Users\***\AppData\Roaming\Hamachi
2010-04-15 01:39:25 ----D---- C:\Users\***\AppData\Roaming\Skype
2010-04-15 01:38:10 ----D---- C:\Users\***\AppData\Roaming\skypePM
2010-04-13 23:15:23 ----D---- C:\Program Files (x86)\Hamachi
2010-04-03 08:10:50 ----D---- C:\Program Files (x86)\Common Files\Java
2010-04-03 08:10:23 ----D---- C:\Program Files (x86)\Java
2010-04-03 08:06:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-04-01 06:00:24 ----D---- C:\Program Files (x86)\Internet Explorer
2010-03-31 01:17:41 ----SD---- C:\Users\***\AppData\Roaming\Microsoft
2010-03-31 01:15:05 ----D---- C:\Program Files (x86)\Microsoft Works
2010-03-31 01:14:15 ----SD---- C:\ProgramData\Microsoft
2010-03-31 01:13:26 ----D---- C:\Windows\IME
2010-03-31 01:13:22 ----D---- C:\Windows\ShellNew
2010-03-31 01:12:59 ----D---- C:\Windows\MSAgent
2010-03-31 01:12:59 ----D---- C:\Windows\Help
2010-03-31 01:12:57 ----D---- C:\Program Files (x86)\Microsoft Office
2010-03-31 01:10:33 ----D---- C:\Windows\system
2010-03-31 01:08:13 ----RSD---- C:\Windows\Fonts
2010-03-29 18:47:21 ----D---- C:\Windows\Minidump
2010-03-21 23:24:28 ----D---- C:\Users\***\AppData\Roaming\ICQ
2010-03-21 17:35:00 ----D---- C:\Windows\rescache
2010-03-21 17:08:47 ----D---- C:\Windows\system32\de-DE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys []
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys []
R1 AvgTdiA;AVG Free Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys []
R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys []
R1 GRD;G DATA Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys []
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\drivers\GEARAspiWDM.sys []
R3 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 NVENETFD;NVIDIA nForce-Netzwerkcontrollertreiber; C:\Windows\system32\DRIVERS\nvm60x64.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 AF9035BDA;Cinergy T-Stick service; C:\Windows\system32\DRIVERS\AF9035BDA.sys []
S3 awgtb29b;awgtb29b; C:\Windows\system32\drivers\awgtb29b.sys []
S3 CmBatt;Microsoft-Netzteiltreiber; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 ncplelhp;NCP Secure Client NDIS6 Driver; C:\Windows\system32\DRIVERS\ncplelhp.sys []
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2001-09-29 13780]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys []
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys []
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys []
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys []
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys []
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\Windows\system32\DRIVERS\s616bus.sys []
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s616mdfl.sys []
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s616mdm.sys []
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s616mgmt.sys []
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\Windows\system32\DRIVERS\s616nd5.sys []
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s616obex.sys []
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\Windows\system32\DRIVERS\s616unic.sys []
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys []
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys []
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys []
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys []
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys []
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys []
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-04-15 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-04-15 308064]
R2 AVKProxy;G DATA AntiVirus Proxy; C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2008-08-19 724040]
R2 AVKService;G DATA Scheduler; C:\Programme\GDATA\AVK\AVKService.exe [2008-08-19 386120]
R2 AVKWCtl;AntiVirus Wächter; C:\Programme\GDATA\AVK\AVKWCtlX64.exe [2008-08-14 1947232]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R3 AvkLink32;AvkLink32; C:\Programme\GDATA\AVK\AVKLnk32.exe [2007-03-12 91984]
R3 iPod Service;iPod-Dienst; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-02-23 369920]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 fsssvc;Windows Live Family Safety-Dienst; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-14 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-03-03 332720]

-----------------EOF-----------------
15.04.2010, 05:32 | #2 |
| PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible! Had to split the stuff up, it was too long, here's the rest now...
__________________...now the info.txt
info.txt logfile of random's system information tool 1.06 2010-04-15 05:21:13 ======Uninstall list====== -->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93} -->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x7 2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL AC3Filter (remove only)-->C:\Program Files (x86)\AC3Filter\uninstall.exe Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\UninstFl.exe -q Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001} Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log Age of Empires III-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45} Age of Mythology - The Titans Expansion-->"C:\Users\***\Saved Games\Microsoft Games\Age of Mythology\UNINSTXP.EXE" /runtemp /addremove Age of Mythology-->"C:\Users\***\Saved Games\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove Age of Wonders Shadow Magic-->C:\Users\***\Saved Games\Triumph Studios\Age of Wonders Shadow Magic\aowsmUninstall.exe Age of Wonders-->C:\Windows\IsUn0407.exe -f"c:\users\***\saved games\Triumph Studios\Age of Wonders\Uninst.isu" Alfa-Antiterror-->"C:\Users\***\Saved 
Games\Alfa-Antiterror\unins000.exe" Anno 1602-->C:\Windows\system32\1602Unst.exe /Uninstall Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Armies of Exigo-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{80464ABC-A520-453F-A383-6E7B92E0C3B3}\setup.exe" -l0x7 -removeonly Assassin's Creed-->C:\Program Files (x86)\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0007 -removeonly AVG Free 9.0-->C:\Program Files (x86)\AVG\AVG9\setup.exe /UNINSTALL AVS Audio Editor version 5.2-->"C:\Program Files (x86)\AVS4YOU\AVSAudioEditor\unins000.exe" AVS Update Manager 1.0-->"C:\Program Files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe" AVS4YOU Software Navigator 1.3-->"C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe" Barbarian Invasion-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4905C2C7-96CB-4DD9-A706-C427913DE5AE}\setup.exe" -l0x7 Battle Strike-->"C:\Users\***\Saved Games\City Interactive\Battle Strike\Uninstall.exe" "C:\Users\***\Saved Games\City Interactive\Battle Strike\install.log" Battlefield 1942: Secret Weapons of WWII-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\Setup.exe" -l0x7 Battlefield 1942: The Road To Rome-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\Setup.exe" -l0x7 Battlefield 1942-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\Setup.exe" -l0x7 
Battlefield Vietnam(TM)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E35B3C63-E958-4E31-A178-95D22024109A}\setup.exe" -l0x7 BrettspielWelt-->"C:\Users\***\AppData\Roaming\BSW\uninstall.exe" bwin Poker-->"C:\bwinPoker\unins000.exe" Call Of Cthulhu DCoTE-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E4406ED3-B04C-44F1-ABB4-08775B74934F}\setup.exe" -l0x7 Catan-->C:\Windows\IsUn0407.exe -fc:\users\***\SAVEDG~1\Catan\Uninst.isu -cc:\users\***\SAVEDG~1\Catan\CatanUninstall.dll CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe" CDPoker-->"C:\Poker\CDPoker\_SetupPoker.exe" /uninstall Command & Conquer Alarmstufe Rot 2-->C:\Users\***\Saved Games\AR2\Uninstll.EXE Command & Conquer Generals-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32} Counter Strike 1.6 Reloaded-->C:\Windows\Counter Strike 1.6 Reloaded Uninstaller.exe Counter-Strike 1.6 V35-->C:\Users\***\Saved Games\CS1.6\Uninstal.exe Counter-Strike 1.6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19 Counter-Strike: Source-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/240 Counter-Strike-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/10 Cultures2 - Die Tore Asgards-->C:\Windows\IsUn0407.exe -fc:\users\haydar\SAVEDG~1\JoWooD\CULTUR~1\Uninst.isu -cc:\users\***\SAVEDG~1\JoWooD\CULTUR~1\UninstallCultures2.dll DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe Day of Defeat-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/30 dBpowerAMP Music Converter-->"C:\Windows\system32\SpoonUninstall.exe" 
<uninstall>C:\Windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat Dedicated Server-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/5 Der Clou!2-->C:\Users\***\SAVEDG~1\DERCLO~1\UNWISE.EXE C:\Users\Haydar\SAVEDG~1\DERCLO~1\INSTALL.LOG DesertCombat 0.7-->C:\Windows\iun6002.exe "C:\Users\***\Saved Games\EA GAMES\Battlefield 1942\DesertCombat.ini" Die Schlacht um Mittelerde™ II-->C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\EAUninstall.exe Die Siedler - Aufbruch der Kulturen-->"C:\Users\***\Saved Games\Die Siedler - Aufbruch der Kulturen\uninstall.exe" DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN Doom 3-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EEFB15EB-FE8B-47DF-A496-1C4D1420294A} EE-ZDE-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B49C924C-A651-4378-94F6-5D9BF44A959F}\Setup.exe" -l0x7 Empire Earth III-->C:\Program Files (x86)\InstallShield Installation Information\{B17E235C-7A3B-4482-B650-21FFDE1D452E}\setup.exe -runfromtemp -l0x0007 -removeonly Empire Earth-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2447500B-22D7-47BD-9B13-1A927F43A267}\Setup.exe" Far Cry-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} FlashFXP v3-->"C:\Program Files (x86)\FlashFXP\Uninstall.exe" "C:\Program Files (x86)\FlashFXP\install.log" -u Free Audio CD Burner version 1.2-->"C:\Program Files (x86)\DVDVideoSoft\Free 
Audio CD Burner\unins000.exe" Free Video to MP3 Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\unins000.exe" Free YouTube Download 2.2-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\unins000.exe" Free YouTube to MP3 Converter version 3.2-->"C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins001.exe" G DATA AntiVirus-->MsiExec.exe /I{1EA84402-CD4F-4F19-AFED-C5C228259873} Gangsters-->C:\Windows\IsUn0407.exe -f"C:\Program Files (x86)\Hothouse Creations\Gangsters\Uninst.isu" Gemeinsam genutzte Internet-Komponenten von Westwood-->C:\Users\***\Saved Games\AR-INTERNET\UnstllAP.EXE Ghost Recon-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}\Setup.exe" Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall GTA San Andreas-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\SETUP.exe" -l0x7 -removeonly Hamachi 1.0.1.4-->C:\Program Files (x86)\Hamachi\uninstall.exe HijackThis 2.0.2-->"C:\Program Files (x86)\trend micro\HijackThis.exe" /uninstall Host OpenAL (ADI)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x7 /remove Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ 
REBOOTPROMPT="" ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly IKEA Home Planner-->MsiExec.exe /I{AFA9D219-A7FD-4240-8793-E5C7C9D715F4} Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kane and Lynch: Dead Men-->MsiExec.exe /X{A66C4716-7E10-4A53-8101-00C3C11D6A9C} LegionArena-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4CA9839A-F660-4F7F-BD45-F466512ECE20}\Setup.exe" -l0x7 Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Mega Manager-->C:\Program Files (x86)\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly Megaupload Toolbar-->C:\Program Files (x86)\MegauploadToolbar\uninstall.exe Microsoft Age of Empires II-->"C:\Users\***\Saved Games\Microsoft Games\Age of Empires2\UNINSTAL.EXE" /runtemp /uninstall Microsoft Age of Empires-->C:\Users\***\Saved Games\Microsoft Games\Age of Empires\Uninstal.exe /uninstall Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package 
{90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE} Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0407-0000-0000000FF1CE} Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} 
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2} Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Word 2002-->MsiExec.exe 
/I{911B0407-6000-11D3-8CFE-0050048383C9} Microsoft Works Suite-Add-Ins für Microsoft Word-->MsiExec.exe /I{4EAD2E21-1D4A-4E2B-A082-8D08961539C9} Microsoft Works-->MsiExec.exe /I{5B680750-760B-49E4-81E7-21B2B337F9F7} MIKSOFT Mobile AMR converter-->"C:\Program Files (x86)\MIKSOFT\Mobile AMR converter\unins000.exe" Monopoly-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D7E7EC5E-4349-4E40-B37C-4342188B86EC}\Setup.exe" -l0x7 Morrowind-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Users\***\Saved Games\Bethesda Softworks\Morrowind\MWUninstall\setup.exe" -l0x7 MovieJack-->MsiExec.exe /X{4E8E4647-33C8-4122-A71C-62C9D9DF0F8A} Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93} Oblivion-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x7 -removeonly OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U PartyPoker-->"C:\Programs\PartyGaming\PartyPoker\Uninstall.exe" "C:\Programs\PartyGaming\PartyPoker\install.log" PokerStars-->"C:\Program Files (x86)\PokerStars\PokerStarsUninstall.exe" /u:PokerStars Portal-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/400 PunkBuster für Battlefield Vietnam-->RunDll32 
C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}\setup.exe" -l0x7 QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Rising Kingdoms-->C:\Users\***\SAVEDG~1\RISING~1\UNWISE.EXE C:\Users\***\SAVEDG~1\RISING~1\INSTALL.LOG Rome - Total War(TM)-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} /l1033 S.T.A.L.K.E.R. - Shadow of Chernobyl-->"C:\Users\***\Saved Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe" Safari-->MsiExec.exe /I{0A9C92A5-D27F-4BD9-9DB9-0EFD8C681E29} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF} Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall 
{5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Setup-Start von Microsoft Works 2004-->C:\Program Files (x86)\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP D:\ Sid Meier's Pirates!-->C:\Program Files (x86)\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{1632FD86-1BA4-4FC4-8B25-A8C655D63F68} /l1031 Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4} Sony Ericsson PC Suite-->C:\Windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E} SopCast 3.0.3-->C:\Program Files (x86)\SopCast\uninst.exe SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0007 -removeonly Star Wars Battlefront II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x7 -removeonly Starcraft-->C:\Windows\scunin.exe C:\Windows\scunin.dat Starship Troopers-->"C:\Users\***\Saved Games\Starship Troopers\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Steamless Left4Dead Pack-->C:\Users\***\Saved Games\Steamless Left4Dead Pack\uninstall.exe Stronghold 2 Deluxe-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9 -removeonly Stronghold-->RunDll32 
C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}\Setup.exe" Stubbs The Zombie-->MsiExec.exe /I{870013DB-984D-42A8-9E63-8673D8B2775A} StubbsPatchInstaller-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C5334C85-F601-427C-85F7-CDD9FDC8C69F}\setup.exe" -l0x9 -removeonly SWAT 4-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall Team Fortress 2-->"C:\Users\***\Saved Games\Steam\steam.exe" steam://uninstall/440 TerraTec Home Cinema-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0x7 TES Construction Set-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Users\***\Saved Games\Bethesda Softworks\Morrowind\CSUninstall\Setup.exe" -l0x7 TF2 lan edition-->C:\Users\***\Saved Games\TF2-LE\uninstall.exe TimeShift-->C:\Program Files (x86)\InstallShield Installation Information\{1367FA2F-2B3D-430F-872F-588B93420BFC}\setup.exe -runfromtemp -l0x0007 -removeonly Travianertools 2.2-->C:\Program Files (x86)\Travianertools\uninst.exe Uninstall 1.0.0.1-->"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall 
{B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331} Update for Outlook 2007 Junk Email Filter (kb981433)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A6859A6-042D-4DF7-84E2-79F8DEFB5D48} Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF} Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30} Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96} Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D} VLC media player 0.9.8a-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Warhammer® Mark of Chaos-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{210160CD-F27D-469F-9982-41E900F6820E}\setup.exe" -l0x7 -removeonly Wiggles-->C:\Users\***\Saved Games\Wiggles\Setup.exe -uninstall Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe" Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4} Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6} Windows Live 
Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F} Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF} Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41} Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB} Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018} Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC} Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC} Windows Live Writer-->MsiExec.exe /X{E0A4805D-280A-4DD7-9E74-3A5F85E302A1} Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} WinRAR Archivierer-->C:\Program Files (x86)\WinRAR\uninstall.exe Yu-Gi-Oh! Power of Chaos KAIBA THE REVENGE-->MsiExec.exe /I{485C9280-B899-4D46-86F3-B3E459636EE5} Zattoo 3.3.4 Beta-->C:\Program Files (x86)\Zattoo\uninst.exe Zattoo4 4.0.3-->C:\Program Files (x86)\Zattoo4\uninst.exe ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: ***-PC Event Code: 537 Message: Auf diesem Computer konnte kein kompatibles TPM-Sicherheitsgerät (Trusted Platform Module) gefunden werden. TBS konnte nicht gestartet werden. Record Number: 262953 Source Name: Microsoft-Windows-TBS Time Written: 20100415031117.316777-000 Event Type: Informationen User: NT-AUTORITÄT\LOKALER DIENST Computer Name: ***-PC Event Code: 7036 Message: Dienst "Startprogramm für Windows Media Center" befindet sich jetzt im Status "Beendet". Record Number: 262954 Source Name: Service Control Manager Time Written: 20100415031119.000000-000 Event Type: Informationen User: Computer Name: ***-PC Event Code: 7036 Message: Dienst "Windows Update" befindet sich jetzt im Status "Ausgeführt". 
Record Number: 262955 Source Name: Service Control Manager Time Written: 20100415031121.000000-000 Event Type: Informationen User: Computer Name: ***-PC Event Code: 10029 Message: DCOM hat den Dienst TrustedInstaller mit den Argumenten "" gestartet, um den Server auszuführen: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Record Number: 262956 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20100415031230.000000-000 Event Type: Informationen User: Computer Name: ***-PC Event Code: 7036 Message: Dienst "Windows Modules Installer" befindet sich jetzt im Status "Ausgeführt". Record Number: 262957 Source Name: Service Control Manager Time Written: 20100415031230.000000-000 Event Type: Informationen User: =====Application event log===== Computer Name: ***-PC Event Code: 35 Message: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Record Number: 43555 Source Name: SideBySide Time Written: 20100415031105.000000-000 Event Type: Fehler User: Computer Name: ***-PC Event Code: 35 Message: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". 
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Record Number: 43556 Source Name: SideBySide Time Written: 20100415031105.000000-000 Event Type: Fehler User: Computer Name: ***-PC Event Code: 1 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 43557 Source Name: SecurityCenter Time Written: 20100415031117.000000-000 Event Type: Informationen User: Computer Name: ***-PC Event Code: 1001 Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden entfernt. Die Daten enthalten die neuen Werte der Registrierungseinträge "Last Counter" und "Last Help". Record Number: 43558 Source Name: Microsoft-Windows-LoadPerf Time Written: 20100415031437.000000-000 Event Type: Informationen User: Computer Name: ***-PC Event Code: 1000 Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden erfolgreich geladen. Die Eintragsdaten im Datenbereich enthalten die neuen Indexwerte, die diesem Dienst zugeordnet sind. Record Number: 43559 Source Name: Microsoft-Windows-LoadPerf Time Written: 20100415031437.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: ***-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. 
Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ***-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmeldetyp: 2 Neue Anmeldung: Sicherheits-ID: S-1-5-21-2066349525-2878371349-4173274966-1001 Kontoname: *** Kontodomäne: ***-PC Anmelde-ID: 0x378c9 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x2f8 Prozessname: C:\Windows\System32\winlogon.exe Netzwerkinformationen: Arbeitsstationsname: ***-PC Quellnetzwerkadresse: 127.0.0.1 Quellport: 0 Detaillierte Authentifizierungsinformationen: Anmeldeprozess: User32 Authentifizierungspaket: Negotiate Übertragene Dienste: - Paketname (nur NTLM): - Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. 
Record Number: 53842 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100415030909.864377-000 Event Type: Überwachung erfolgreich User: Computer Name: ***-PC Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-21-2066349525-2878371349-4173274966-1001 Kontoname: *** Kontodomäne: ***-PC Anmelde-ID: 0x378a6 Berechtigungen: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 53843 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100415030909.864377-000 Event Type: Überwachung erfolgreich User: Computer Name: ***-PC Event Code: 4648 Message: Anmeldeversuch mit expliziten Anmeldeinformationen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ***-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Konto, dessen Anmeldeinformationen verwendet wurden: Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Zielserver: Zielservername: localhost Weitere Informationen: localhost Prozessinformationen: Prozess-ID: 0x234 Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Netzwerkadresse: - Port: - Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird. Record Number: 53844 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100415031229.889377-000 Event Type: Überwachung erfolgreich User: Computer Name: ***-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. 
Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ***-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmeldetyp: 5 Neue Anmeldung: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x234 Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Arbeitsstationsname: Quellnetzwerkadresse: - Quellport: - Detaillierte Authentifizierungsinformationen: Anmeldeprozess: Advapi Authentifizierungspaket: Negotiate Übertragene Dienste: - Paketname (nur NTLM): - Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. 
Record Number: 53845 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100415031229.889377-000 Event Type: Überwachung erfolgreich User: Computer Name: ***-PC Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Berechtigungen: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 53846 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100415031229.889377-000 Event Type: Überwachung erfolgreich User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Teleca Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\DivX Shared\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=1707 "NUMBER_OF_PROCESSORS"=4 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat "DFSTRACINGON"=FALSE "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
I hope someone can help me with this. Sorry, this is the first thread I have created, I hope everything was right, have a nice good morning, regards bbrvip |
20.04.2010, 10:18 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible! Hello and
Please run a full scan with Malwarebytes using current signatures and post the log. Then OTL: System scan with OTL. Please download OTL by OldTimer and save it to your desktop |
21.04.2010, 03:30 | #4 |
| PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible! Had to split it again, here is the first part: the Malwarebytes log:
Malwarebytes' Anti-Malware 1.45 w*w.malwarebytes.org Datenbank Version: 3988 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 21.04.2010 03:46:11 mbam-log-2010-04-21 (03-46-11).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 109079 Laufzeit: 5 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden)
-------------------------------------
the OTL logs: OTL.Txt
OTL logfile created on: 21.04.2010 03:46:38 - Run 1 OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\***\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Germany| Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 0,82 Gb Free Space | 0,18% Space Free | Partition Type: NTFS Drive D: | 2,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | 
Partition Type: UDF E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ***-PC Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Windows\SysWow64\spool\DRIVERS\x64\3\CNAP2RPK.EXE File not found PRC - C:\Windows\SysWow64\spool\drivers\x64\3\CNAP2LAK.EXE File not found PRC - C:\Windows\SysWow64\spool\DRIVERS\x64\3\CNAB8SWK.EXE File not found PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programme\GDATA\AVKTray\AVKTray.exe (G DATA Software AG) PRC - C:\Programme\GDATA\AVK\AVKService.exe (G DATA Software AG) PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe (Sony Ericsson Mobile Communications AB) PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) 
PRC - C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe (Teleca AB) PRC - C:\Programme\GDATA\AVK\AvkLnk32.exe (G DATA Software AG) PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe () SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AVKService) -- C:\Programme\GDATA\AVK\AVKService.exe (G DATA Software AG) SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) SRV - (AVKWCtl) -- C:\Programme\GDATA\AVK\AVKWCtlX64.exe (G DATA Software AG) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AvkLink32) -- C:\Programme\GDATA\AVK\AvkLnk32.exe (G DATA Software AG) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () SRV - (MDM) -- C:\Program Files (x86)\Common 
Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\Drivers\avgtdia.sys () DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys () DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys () DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys () DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys () DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys () DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\DRIVERS\AF9035BDA.sys () DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys () DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys () DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys () DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys () DRV:64bit: - (ncplelhp) -- C:\Windows\SysNative\DRIVERS\ncplelhp.sys () DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys () DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys () DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys () DRV:64bit: - (s816mdm) -- C:\Windows\SysNative\DRIVERS\s816mdm.sys () DRV:64bit: - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\SysNative\DRIVERS\s816unic.sys () DRV:64bit: - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s816mgmt.sys () DRV:64bit: - (s816obex) -- C:\Windows\SysNative\DRIVERS\s816obex.sys () DRV:64bit: - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\SysNative\DRIVERS\s816nd5.sys () DRV:64bit: - (s816mdfl) -- C:\Windows\SysNative\DRIVERS\s816mdfl.sys () DRV:64bit: - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s816bus.sys () DRV:64bit: - 
(s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s115mgmt.sys () DRV:64bit: - (s115obex) -- C:\Windows\SysNative\DRIVERS\s115obex.sys () DRV:64bit: - (s115mdm) -- C:\Windows\SysNative\DRIVERS\s115mdm.sys () DRV:64bit: - (s115mdfl) -- C:\Windows\SysNative\DRIVERS\s115mdfl.sys () DRV:64bit: - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s115bus.sys () DRV:64bit: - (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM) -- C:\Windows\SysNative\DRIVERS\s616unic.sys () DRV:64bit: - (s616obex) -- C:\Windows\SysNative\DRIVERS\s616obex.sys () DRV:64bit: - (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS) -- C:\Windows\SysNative\DRIVERS\s616nd5.sys () DRV:64bit: - (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\s616mgmt.sys () DRV:64bit: - (s616mdm) -- C:\Windows\SysNative\DRIVERS\s616mdm.sys () DRV:64bit: - (s616mdfl) -- C:\Windows\SysNative\DRIVERS\s616mdfl.sys () DRV:64bit: - (s616bus) Sony Ericsson Device 616 driver (WDM) -- C:\Windows\SysNative\DRIVERS\s616bus.sys () DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys () DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys () DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://w*w.alternate.net [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://w*w.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://w*w.daemon-search.com/default IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:2.02 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.812 FF - prefs.js..extensions.enabledItems: avg@igeared:4.002.023.004 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010.04.20 21:55:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.04.15 02:30:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.03 08:06:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.03 08:06:14 | 000,000,000 | ---D | M] [2008.11.04 14:22:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2010.04.20 03:23:26 | 000,000,000 | ---D | M] -- 
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fgwrrtnv.default\extensions [2009.10.08 23:31:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fgwrrtnv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.04.23 13:41:31 | 000,000,000 | ---D | M] (Fast Video Download) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\fgwrrtnv.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2010.04.03 08:10:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.03.12 12:25:11 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.03.12 12:25:11 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.03.12 12:25:11 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.03.12 12:25:11 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.03.12 12:25:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIEx64.dll () O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.) 
O2 - BHO: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIE.dll () O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Megaupload Toolbar) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL (MEGAUPLOAD ) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) 
O3:64bit: - HKLM\..\Toolbar: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIEx64.dll () O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\GDATA\Webfilter\AVKWebIE.dll () O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL (MEGAUPLOAD ) O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () 
O3 - HKCU\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~2\MEGAUP~2\MEGAUP~1.DLL (MEGAUPLOAD ) O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\DRIVERS\x64\3\CNAP2LAK.EXE () O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL () O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL () O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\GDATA\AVKTray\AVKTray.exe (G DATA Software AG) O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe () O4 - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe () O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Steam] c:\users\***\saved games\steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) 
O4 - Startup: C:\Users\Haydar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gangsters2Setup.lnk = E:\Applet.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe () O9 - Extra 'Tools' menuitem : CDPoker - {A68FC757-51CF-4f3c-B13A-BFB8CA69BB99} - C:\Poker\CDPoker\casino.exe () O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ht*p://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} ht*p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ht*p://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} h*tp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} ht*p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} ht*p://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ht*p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003.07.09 17:27:28 | 000,000,000 | R--D | M] - D:\AutoRte -- [ UDF ] O32 - AutoRun File - [2003.08.05 19:02:47 | 000,000,000 | R--D | M] - D:\Autorun -- [ UDF ] O32 - AutoRun File - [2003.08.05 19:01:21 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - 
MountPoints2\{0e384d54-ac15-11dd-b240-001fc64954bd}\Shell - "" = AutoRun O33 - MountPoints2\{0e384d54-ac15-11dd-b240-001fc64954bd}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found O33 - MountPoints2\{142bfac4-3c29-11df-908b-001fc64954bd}\Shell\AutoRun\command - "" = G:\POGRESHILI\\sudbinemi.exe -- File not found O33 - MountPoints2\{142bfac4-3c29-11df-908b-001fc64954bd}\Shell\open\command - "" = G:\POGRESHILI\\sudbinemi.exe -- File not found O33 - MountPoints2\{63cc3da5-a92b-11dd-8e78-001fc64954bd}\Shell - "" = AutoRun O33 - MountPoints2\{63cc3da5-a92b-11dd-8e78-001fc64954bd}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found O33 - MountPoints2\{8890f4c0-a1e3-11dd-aa37-001fc64954bd}\Shell\AutoRun\command - "" = E:\EmDesk.exe -- File not found O33 - MountPoints2\{8890f4c0-a1e3-11dd-aa37-001fc64954bd}\Shell\EmDesk\command - "" = E:\EmDesk.exe -- File not found O33 - MountPoints2\{ae9456e3-a1e2-11dd-bca0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{ae9456e3-a1e2-11dd-bca0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun\autorun.exe -- [2003.08.05 19:02:27 | 000,033,280 | R--- | M] (Microsoft® Corporation) O33 - MountPoints2\{def0d9f4-ca27-11dd-bc97-001fc64954bd}\Shell\AutoRun\command - "" = C:\Windows\SysWow64\setupSNK.exe -- [2008.01.21 04:47:35 | 000,013,312 | ---- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2081.10.08 18:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Google [2010.04.21 03:23:48 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe 
[2010.04.15 15:45:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg [2010.04.15 05:21:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2010.04.15 05:21:06 | 000,000,000 | ---D | C] -- C:\rsit [2010.04.15 04:26:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes [2010.04.15 04:26:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.04.15 04:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.04.15 04:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.04.15 03:43:03 | 000,000,000 | -H-D | C] -- C:\$AVG [2010.04.15 03:29:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.04.15 03:05:34 | 000,000,000 | ---D | C] -- C:\2967bd363b0d071f346a [2010.04.15 02:34:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\AVG Security Toolbar [2010.04.15 02:30:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg [2010.04.15 02:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar [2010.04.15 02:28:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010.04.15 02:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010.04.14 16:13:57 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll [2010.04.14 16:13:56 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm [2010.04.14 16:12:49 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2010.04.14 16:12:48 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll [2010.04.03 08:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.04.03 08:10:27 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.04.03 08:10:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\javaw.exe [2010.04.03 08:10:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010.03.31 21:08:06 | 000,833,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll [2010.03.31 21:08:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2010.03.31 21:08:04 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2010.03.31 21:08:03 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010.03.31 21:08:03 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.03.31 21:08:03 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll [2010.03.31 21:08:02 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll [2010.03.31 21:08:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010.03.31 21:08:02 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2010.03.31 21:08:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.03.31 21:08:02 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll [2010.03.31 21:08:02 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2010.03.31 21:08:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll [2010.03.31 01:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works Suite 2004 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2081.10.08 18:25:34 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AA93048B-BE70-4702-BAE5-1294877AB5EE}.job [2010.04.21 03:46:37 | 011,010,048 | -HS- | M] () -- 
C:\Users\***\NTUSER.DAT [2010.04.21 03:44:32 | 001,427,406 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.04.21 03:44:32 | 000,621,714 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.04.21 03:44:32 | 000,589,884 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.04.21 03:44:32 | 000,123,646 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.04.21 03:44:32 | 000,101,896 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.04.21 03:36:51 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.04.21 03:36:51 | 000,003,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.04.21 03:36:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.04.21 03:36:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.04.21 03:23:54 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2010.04.21 03:06:17 | 000,017,408 | ---- | M] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2010.04.20 21:54:45 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{888b730a-b457-11de-9458-001fc64954bd}.TMContainer00000000000000000001.regtrans-ms [2010.04.20 21:54:45 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{888b730a-b457-11de-9458-001fc64954bd}.TM.blf [2010.04.20 21:53:31 | 004,076,215 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db [2010.04.20 16:52:16 | 000,317,520 | ---- | M] () -- C:\Windows\SysNative\drivers\avgtdia.sys [2010.04.20 16:52:09 | 059,094,882 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2010.04.19 20:34:07 | 000,000,680 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.04.17 19:53:32 | 000,011,318 | ---- | M] () -- C:\Users\***\Documents\Die letzte Rettung-by ***.rtf [2010.04.17 19:53:32 | 000,000,482 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat [2010.04.17 00:56:20 | 
000,960,054 | ---- | M] () -- C:\Users\***\Documents\ezu3k5bt.bmp [2010.04.17 00:55:48 | 000,231,254 | ---- | M] () -- C:\Users\***\Documents\45gdgb5z.bmp [2010.04.15 23:18:13 | 000,000,720 | ---- | M] () -- C:\Users\Public\Desktop\William Hill Poker.lnk [2010.04.15 04:48:54 | 000,001,724 | ---- | M] () -- C:\Users\***\Desktop\CCleaner.lnk [2010.04.15 04:26:03 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.15 04:21:20 | 000,781,909 | ---- | M] () -- C:\Users\***\Desktop\RSIT.exe [2010.04.15 02:39:33 | 000,001,824 | ---- | M] () -- C:\Users\***\Desktop\Steam.lnk [2010.04.15 02:30:32 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010.04.15 02:30:20 | 000,012,976 | ---- | M] () -- C:\Windows\SysNative\avgrssta.dll [2010.04.15 02:30:16 | 000,269,320 | ---- | M] () -- C:\Windows\SysNative\drivers\avgldx64.sys [2010.04.15 02:30:15 | 000,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm [2010.04.15 02:30:15 | 000,035,464 | ---- | M] () -- C:\Windows\SysNative\drivers\avgmfx64.sys [2010.04.05 21:29:56 | 000,829,270 | ---- | M] () -- C:\Users\***\Desktop\100_9601.JPG [2010.04.05 21:29:46 | 000,828,538 | ---- | M] () -- C:\Users\***\Desktop\100_9599.JPG [2010.04.05 21:29:46 | 000,824,254 | ---- | M] () -- C:\Users\***\Desktop\100_9600.JPG [2010.04.01 19:40:31 | 000,102,640 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT [2010.04.01 19:40:09 | 000,382,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.03.31 21:47:00 | 000,063,540 | ---- | M] () -- C:\Users\***\Desktop\ssk1.frage.rtf [2010.03.31 04:39:22 | 000,052,224 | ---- | M] () -- C:\Users\***\Desktop\Deckblatt.doc [2010.03.31 01:14:12 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI [2010.03.31 01:13:27 | 000,001,910 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010.03.30 02:44:02 | 001,432,791 | ---- | M] () -- 
C:\Users\***\Documents\Unbenannt (5).wma [2010.03.30 02:35:40 | 004,176,181 | ---- | M] () -- C:\Users\***\Documents\Unbenannt (4).wma [2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.03.29 15:24:46 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.04.17 00:55:43 | 000,960,054 | ---- | C] () -- C:\Users\***\Documents\ezu3k5bt.bmp [2010.04.17 00:55:37 | 000,231,254 | ---- | C] () -- C:\Users\***\Documents\45gdgb5z.bmp [2010.04.15 23:18:13 | 000,000,720 | ---- | C] () -- C:\Users\Public\Desktop\William Hill Poker.lnk [2010.04.15 04:26:03 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.15 04:25:57 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys [2010.04.15 04:21:06 | 000,781,909 | ---- | C] () -- C:\Users\***\Desktop\RSIT.exe [2010.04.15 02:53:15 | 000,303,061 | ---- | C] () -- C:\Users\***\Desktop\DSC00380.JPG [2010.04.15 02:39:33 | 000,001,824 | ---- | C] () -- C:\Users\***\Desktop\Steam.lnk [2010.04.15 02:30:32 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk [2010.04.15 02:30:20 | 000,012,976 | ---- | C] () -- C:\Windows\SysNative\avgrssta.dll [2010.04.15 02:30:19 | 000,317,520 | ---- | C] () -- C:\Windows\SysNative\drivers\avgtdia.sys [2010.04.15 02:30:16 | 000,269,320 | ---- | C] () -- C:\Windows\SysNative\drivers\avgldx64.sys [2010.04.15 02:30:15 | 059,094,882 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2010.04.15 02:30:15 | 000,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm [2010.04.15 02:30:15 | 000,035,464 | ---- | C] () -- C:\Windows\SysNative\drivers\avgmfx64.sys [2010.04.14 16:14:14 | 001,420,688 | ---- | C] () -- 
C:\Windows\SysNative\drivers\tcpip.sys [2010.04.14 16:14:13 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll [2010.04.14 16:14:13 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys [2010.04.14 16:14:11 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys [2010.04.14 16:14:11 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys [2010.04.14 16:14:11 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys [2010.04.14 16:14:09 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe [2010.04.14 16:13:57 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll [2010.04.14 16:13:56 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm [2010.04.14 16:12:49 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll [2010.04.14 16:12:48 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll [2010.04.05 21:28:49 | 000,829,270 | ---- | C] () -- C:\Users\***\Desktop\100_9601.JPG [2010.04.05 21:28:49 | 000,828,538 | ---- | C] () -- C:\Users\***\Desktop\100_9599.JPG [2010.04.05 21:28:49 | 000,824,254 | ---- | C] () -- C:\Users\***\Desktop\100_9600.JPG [2010.03.31 21:56:49 | 000,063,540 | ---- | C] () -- C:\Users\***\Desktop\ssk1.frage.rtf [2010.03.31 21:08:12 | 005,689,344 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll [2010.03.31 21:08:10 | 007,005,696 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll [2010.03.31 21:08:08 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll [2010.03.31 21:08:08 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll [2010.03.31 21:08:06 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll [2010.03.31 21:08:04 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll [2010.03.31 21:08:04 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll [2010.03.31 21:08:04 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll [2010.03.31 21:08:03 | 
000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll [2010.03.31 21:08:03 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll [2010.03.31 21:08:03 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll [2010.03.31 21:08:02 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll [2010.03.31 21:08:02 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec [2010.03.31 21:08:02 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll [2010.03.31 21:08:02 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll [2010.03.31 21:08:02 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe [2010.03.31 21:08:01 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb [2010.03.31 21:08:01 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll [2010.03.31 04:39:21 | 000,052,224 | ---- | C] () -- C:\Users\***\Desktop\Deckblatt.doc [2010.03.31 01:17:42 | 000,000,482 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat [2010.03.31 01:14:12 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.03.31 01:13:27 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010.03.30 02:44:02 | 001,432,791 | ---- | C] () -- C:\Users\***\Documents\Unbenannt (5).wma [2010.03.30 02:35:40 | 004,176,181 | ---- | C] () -- C:\Users\***\Documents\Unbenannt (4).wma [2010.03.16 20:00:50 | 001,448,408 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.03.12 21:48:13 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat [2010.03.02 22:52:03 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2010.02.09 02:17:27 | 000,000,799 | ---- | C] () -- C:\Users\***\Dokument3.rtf [2010.02.07 20:18:01 | 000,034,148 | ---- | C] () -- C:\Users\***\mert.JPG [2010.02.07 20:17:48 | 000,025,073 | ---- | C] () -- C:\Users\***\ilan16dk1.jpg [2010.02.07 20:17:39 | 000,026,768 | ---- | C] () -- 
C:\Users\***\komik-resim-7.jpg [2010.02.07 20:15:42 | 000,051,264 | ---- | C] () -- C:\Users\***\on2_530775f1d.jpg [2010.02.07 20:15:31 | 000,098,764 | ---- | C] () -- C:\Users\***\yeniceri10245pv.jpg [2010.02.07 20:11:29 | 000,179,199 | ---- | C] () -- C:\Users\***\komik3pi8.png [2010.02.07 20:10:47 | 000,029,220 | ---- | C] () -- C:\Users\***\yenirakize3.jpg [2010.02.06 18:38:43 | 000,012,920 | ---- | C] () -- C:\Users\***\Dokument.rtf [2009.12.05 15:23:44 | 008,200,006 | ---- | C] () -- C:\Users\***\Memo (2).amr [2009.12.05 12:53:16 | 008,388,006 | ---- | C] () -- C:\Users\***\Memo (1).amr [2009.12.05 11:03:22 | 006,195,238 | ---- | C] () -- C:\Users\***\Memo.amr [2009.11.10 01:46:10 | 000,031,434 | ---- | C] () -- C:\Users\***\agliyan.jpg [2009.11.10 01:45:26 | 000,043,999 | ---- | C] () -- C:\Users\***\dertli.jpg [2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.10.22 17:20:34 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2009.10.22 17:20:34 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2009.10.22 17:20:34 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2009.10.09 00:12:00 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{888b730a-b457-11de-9458-001fc64954bd}.TMContainer00000000000000000002.regtrans-ms [2009.10.09 00:12:00 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{888b730a-b457-11de-9458-001fc64954bd}.TMContainer00000000000000000001.regtrans-ms [2009.10.09 00:12:00 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{888b730a-b457-11de-9458-001fc64954bd}.TM.blf [2009.08.14 22:29:54 | 000,000,277 | ---- | C] () -- C:\Users\***\AppData\Roaming\Gangsters2Setup.lnk [2009.06.30 12:20:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.03.08 06:55:15 | 000,000,515 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.03.06 00:39:17 | 000,000,353 | ---- | C] () -- C:\Windows\doom3.ini [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- 
C:\Windows\SysWow64\qt-dx331.dll [2008.10.26 15:34:44 | 000,000,259 | ---- | C] () -- C:\Windows\RomeTW.ini [2008.10.25 13:06:03 | 000,027,648 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.10.24 17:58:40 | 000,000,732 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps64.dat [2008.10.24 17:58:39 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms [2008.10.24 17:58:39 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms [2008.10.24 17:58:39 | 000,262,144 | -H-- | C] () -- C:\Users\***\ntuser.dat.LOG1 [2008.10.24 17:58:39 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf [2008.10.24 17:58:39 | 000,000,020 | -HS- | C] () -- C:\Users\***\ntuser.ini [2008.10.24 17:58:39 | 000,000,000 | -H-- | C] () -- C:\Users\***\ntuser.dat.LOG2 [2008.10.24 17:58:38 | 011,010,048 | -HS- | C] () -- C:\Users\***\NTUSER.DAT [2008.10.24 17:35:02 | 000,000,552 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat [2008.10.21 21:09:15 | 000,021,322 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.06.11 09:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- 
C:\Windows\SysWow64\AgCPanelGerman.dll [2008.06.11 09:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.06.05 08:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007.08.01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll < End of report > |
21.04.2010, 03:35 | #5 |
| PC freezes (Ctrl+Alt+Del doesn't work), mouse and input not possible!
The second part: Extras.Txt
OTL Extras logfile created on: 21.04.2010 03:46:38 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\***\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 0,82 Gb Free Space | 0,18% Space Free | Partition Type: NTFS
Drive D: | 2,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-PC
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" () piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l () scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program 
21.04.2010, 03:39 | #6 |
| Append the part below to the 2nd part! ========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Abakus" = Abakus "Absolute Poker" = Absolute Poker "UB" = UB ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > --------------------------------------- So, I hope you can help me further now. |
21.04.2010, 06:55 | #7 | |
| Quote:
It was a heat problem, nothing to do with Trojans and such. Check the temperatures, for example with PC WIZARD
__________________ It is better to be hated for what you are than to be loved for what you are not. (Kettcar) |
21.04.2010, 14:38 | #8 |
| In the attachment I have uploaded the current temperature readings from PC Wizard 2010; I wanted to know whether the values are normal or already somewhat critical. If the values are in the critical range, what could I do about it? Regards, hk |
21.04.2010, 14:45 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | I find 75-77°C for the CPU already too high
__________________ Please always post logfiles in CODE tags |
21.04.2010, 16:34 | #10 |
| Yes, and what now? It doesn't help me at all that you find it too high; thanks, but what am I supposed to do now??! I just don't know my way around this. Regards, hk |
22.04.2010, 06:26 | #11 |
| Open the PC and check whether the fans are dirty, then clean them, since they all apparently do run. Are cables routed in a way that badly obstructs the airflow? Is the PC perhaps drawing in warm air from the radiator? Maybe run the PC with the case open for a while and check whether it still freezes.
__________________ It is better to be hated for what you are than to be loved for what you are not. (Kettcar) |
24.04.2010, 13:15 | #12 |
| So, I opened the PC and first gave it a good cleaning; the case is open, the cables are not in the way, and there is no radiator nearby. However, it still hangs, although the temperature has gone down. My question: do the logs say that I have a virus/trojan/worm/etc., or that I (luckily) haven't caught any? And if I haven't caught any, what else could the cause be, apart from the heat? Thanks for your efforts. |
24.04.2010, 16:23 | #13 |
| How many AV apps do you have in autostart? 3; that could also be a reason. I am not familiar with these programs; I don't have anything like that installed.
__________________ It is better to be hated for what you are than to be loved for what you are not. (Kettcar) |
25.04.2010, 03:37 | #14 |
| What do you mean by AV apps? |
25.04.2010, 05:46 | #15 | |
| Quote:
__________________ It is better to be hated for what you are than to be loved for what you are not. (Kettcar) |