|
Mülltonne: datei mit der endung *.img.scr und seitdem muckt mein ICQWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
29.04.2010, 16:23 | #1 |
| datei mit der endung *.img.scr und seitdem muckt mein ICQ Guten Tag alle zusammen. Bin noch neu hier und habe per Google nix zu menem Problem gefunden außer diesen Thread hier... Ich hab eins zu eins genau dasselbe Problem wie GJM. Mir hatte auch jemand einen Link an die vorher titulierte Seite geschickt (na gut, es war eine andere Datei, glaub ich, aber trotzdem auf derselben Seite), es war auch eine datei mit der endung *.img.scr und seitdem muckt mein ICQ auch dauernd auf, öffnet sich, obwohl es eigentlich geschlossen war, und, und, und... Ich habe gerade einen kompletten Suchlauf mit Malwarebytes durchlaufen lassen, hier ist mein Logfile: Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Datenbank Version: 4051 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 29.04.2010 17:15:20 mbam-log-2010-04-29 (17-15-20).txt Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|G:\|H:\|) Durchsuchte Objekte: 301527 Laufzeit: 2 Stunde(n), 31 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 3 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Zeug von Pino\TuneUp Utilities 2010 Keygen+Handbuch\Keygen(CORE)\keygen.exe (Trojan.Agent.CK) -> No action taken. H:\Erigalus\Desktop\Cryptload\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> No action taken. H:\Erigalus\Desktop\Cryptload\ocr\filer.net\ocr_by_spider_b\Version4.exe (Trojan.Downloader) -> No action taken. betreffende Dateien hab ich schon gelöscht. Und hier die OTL.txt vom OTL: OTL logfile created on: 29.04.2010 17:24:28 - Run 1 OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Erigalus\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 45,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 66,82 Gb Free Space | 44,84% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 298,02 Gb Total Space | 202,05 Gb Free Space | 67,80% Space Free | Partition Type: FAT32 I: Drive not present or media not loaded Computer Name: ERIGALUS-PC Current User Name: Erigalus Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Erigalus\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Public\winsvcn.exe () PRC - C:\Users\Erigalus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\TP-LINK\QSS\jswtrayutil.exe (TP-LINK TECHNOLOGIES CO., LTD.) PRC - C:\Programme\TP-LINK\QSS\jswpbapi.exe (Wireless) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) PRC - C:\Programme\SpacialAudio\SAMBC\SAMBC.exe () PRC - C:\mysql\bin\mysqld-nt.exe () ========== Modules (SafeList) ========== MOD - C:\Users\Erigalus\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (SearchAnonymizer) -- C:\Users\Erigalus\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe () SRV - (Akamai) -- c:\Programme\Common Files\Akamai\rswin_3653.dll () SRV - (BroadCamService) -- C:\Program Files\NCH Software\BroadCam\broadcam.exe (NCH Software) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (jswpsapi) -- C:\Programme\TP-LINK\QSS\jswpsapi.exe (Wireless) SRV - (jswpbapi) -- C:\Programme\TP-LINK\QSS\jswpbapi.exe (Wireless) SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) SRV - (MySQL) -- C:\mysql\bin\mysqld-nt.exe () ========== Driver Services (SafeList) ========== DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (jswpslwf) -- C:\Windows\System32\drivers\jswpslwf.sys (Atheros Communications, Inc.) DRV - (athur) -- C:\Windows\System32\drivers\athur.sys (Atheros Communications, Inc.) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (ZD1211BU(WLAN)) 802.11g USB 2.0 Wireless LAN Driver (USB)(WLAN) -- C:\Windows\System32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.windowslive.de/SkyDrive/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 BF 45 05 82 C4 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: omfg@olive:0.6.080510 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: {d122ad80-ff45-11dd-87af-0800200c9a66}:3.6.29.01.10 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.12 16:57:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.28 23:25:28 | 000,000,000 | ---D | M] [2010.01.05 02:32:10 | 000,000,000 | ---D | M] -- C:\Users\Erigalus\AppData\Roaming\mozilla\Extensions [2010.04.28 19:46:55 | 000,000,000 | ---D | M] -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions [2010.04.14 21:46:35 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.03.28 22:44:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.03.15 02:31:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.02.21 12:43:28 | 000,000,000 | ---D | M] (Green Fox) -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions\{d122ad80-ff45-11dd-87af-0800200c9a66} [2010.01.21 23:01:56 | 000,000,000 | ---D | M] -- C:\Users\Erigalus\AppData\Roaming\mozilla\Firefox\Profiles\ohihy1ri.default\extensions\omfg@olive [2010.04.21 22:57:10 | 000,001,030 | ---- | M] () -- C:\Users\Erigalus\AppData\Roaming\Mozilla\FireFox\Profiles\ohihy1ri.default\searchplugins\wikipedia-de.xml [2010.04.28 23:25:30 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.28 23:25:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.09.21 12:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv522.dll [2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll [2010.04.13 22:31:10 | 000,001,648 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.13 22:31:10 | 000,002,617 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.13 22:31:10 | 000,007,015 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.13 22:31:10 | 000,001,242 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.13 22:31:10 | 000,001,134 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [BroadCam] C:\Program Files\NCH Software\BroadCam\broadcam.exe (NCH Software) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [FastFox] C:\Program Files\NCH Swift Sound\FastFox\fastfox.exe (NCH Software) O4 - HKLM..\Run: [jswtrayutil] C:\Program Files\TP-LINK\QSS\jswtrayutil.exe (TP-LINK TECHNOLOGIES CO., LTD.) O4 - HKLM..\Run: [Ocs_SM] C:\Users\Erigalus\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [WindowsUpdateManager] C:\Users\Public\winsvcn.exe () O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Erigalus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ICQ-Tools.de Launcher.lnk = C:\Users\Erigalus\AppData\Roaming\Microsoft\Installer\{247E0933-1877-4208-BF6A-B39E3015B148}\_1578728319E91872ECA3D5.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta () O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.04.29 14:42:01 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\Malwarebytes [2010.04.29 14:41:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.04.29 14:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.04.29 14:41:28 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.04.29 14:41:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.04.29 14:40:30 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\Erigalus\Desktop\OTL.exe [2010.04.29 14:39:37 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Erigalus\Desktop\mbam-setup-1.45.exe [2010.04.28 23:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.04.28 23:25:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.04.28 23:25:28 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.04.28 23:25:28 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.04.28 23:25:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.04.28 23:25:28 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.04.28 23:03:20 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\Tracing [2010.04.28 12:58:21 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010.04.28 12:58:21 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010.04.24 18:14:39 | 000,000,000 | ---D | C] -- C:\Fraps [2010.04.23 19:52:53 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\Screaming Bee [2010.04.23 19:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee [2010.04.23 19:48:39 | 000,000,000 | ---D | C] -- C:\Programme\Screaming Bee [2010.04.23 19:38:02 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\Desktop\Soundchecks für Werbungen etc [2010.04.21 15:30:42 | 000,000,000 | ---D | C] -- C:\bananenkoenig [2010.04.19 14:28:42 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\Uniblue [2010.04.19 14:28:36 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue [2010.04.17 14:25:58 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\Documents\My Games [2010.04.17 14:25:57 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Local\Freelancer [2010.04.15 03:11:49 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.04.15 03:11:48 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.04.15 03:11:47 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.04.13 22:30:55 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\OCS [2010.04.13 21:18:39 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\Desktop\Zeugs [2010.04.12 22:03:14 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\DivX [2010.04.12 22:02:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine [2010.04.12 21:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.04.12 21:51:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared [2010.04.12 21:51:55 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2010.04.11 17:09:45 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\Sudeki [2010.04.11 17:07:39 | 000,000,000 | ---D | C] -- C:\Program1 [2010.04.11 17:01:55 | 000,000,000 | ---D | C] -- C:\Sudeki [2010.04.11 16:51:16 | 000,000,000 | ---D | C] -- C:\sound [2010.04.11 16:51:16 | 000,000,000 | ---D | C] -- C:\launcherdata [2010.04.11 16:51:16 | 000,000,000 | ---D | C] -- C:\data [2010.04.11 14:23:14 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\TS3Client [2010.04.11 14:23:08 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client [2010.04.11 14:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2010.04.11 11:25:04 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\FileZilla [2010.04.11 11:23:12 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client [2010.04.07 22:41:30 | 000,000,000 | ---D | C] -- C:\Programme\Lavalys [2010.04.07 11:56:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010.04.07 11:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2010.04.07 11:54:33 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe [2010.04.03 19:11:21 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Local\Microsoft Games [2010.04.03 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\codeblocks [2010.04.03 19:09:16 | 000,000,000 | ---D | C] -- C:\Programme\CodeBlocks [2010.04.01 18:57:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\AnimeVamp [2010.04.01 17:04:03 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\BOM [2010.04.01 17:03:37 | 000,209,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabctl32.ocx [2010.04.01 17:03:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscmcde.dll [2010.04.01 17:03:37 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6de.dll [2010.04.01 17:03:37 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstdfmt.dll [2010.04.01 17:03:37 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.ocx [2010.04.01 17:03:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Tabctde.dll [2010.04.01 17:03:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winskde.dll [2010.04.01 17:03:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stdftde.dll [2010.04.01 17:03:35 | 000,000,000 | ---D | C] -- C:\Programme\Biet-O-Matic [2010.03.31 22:18:44 | 000,203,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RICHTX32.OCX [2010.03.31 22:18:42 | 000,609,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx [2010.03.31 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\Erigalus\AppData\Roaming\RouterControl [2010.03.31 16:34:42 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.03.31 16:34:41 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.03.31 16:34:41 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.03.31 03:58:24 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.04.29 17:26:01 | 002,359,296 | -HS- | M] () -- C:\Users\Erigalus\NTUSER.DAT [2010.04.29 14:41:38 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.29 14:40:36 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Erigalus\Desktop\OTL.exe [2010.04.29 14:39:59 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Erigalus\Desktop\mbam-setup-1.45.exe [2010.04.29 14:04:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.04.28 23:21:31 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.04.28 23:21:31 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.04.28 23:16:04 | 000,000,000 | ---- | M] () -- C:\t1mk.1 [2010.04.28 23:16:04 | 000,000,000 | ---- | M] () -- C:\t1mk [2010.04.28 23:16:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.04.28 23:15:59 | 000,406,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.04.28 23:15:32 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys [2010.04.28 23:14:04 | 003,088,362 | -H-- | M] () -- C:\Users\Erigalus\AppData\Local\IconCache.db [2010.04.19 14:21:46 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.04.19 14:21:46 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.04.19 14:21:46 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.04.19 14:21:46 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.04.19 14:21:46 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.04.18 18:39:29 | 000,000,000 | ---- | M] () -- C:\t22c.1 [2010.04.18 18:39:28 | 000,000,000 | ---- | M] () -- C:\t22c [2010.04.14 14:21:30 | 000,000,848 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys [2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.03.31 03:58:24 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl [2010.03.30 21:54:25 | 000,002,679 | ---- | M] () -- C:\Users\Erigalus\.recently-used.xbel [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.04.29 14:41:38 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.04.28 23:16:04 | 000,000,000 | ---- | C] () -- C:\t1mk.1 [2010.04.28 23:16:04 | 000,000,000 | ---- | C] () -- C:\t1mk [2010.04.18 18:39:29 | 000,000,000 | ---- | C] () -- C:\t22c.1 [2010.04.18 18:39:28 | 000,000,000 | ---- | C] () -- C:\t22c [2010.04.01 17:03:37 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll [2010.03.30 21:54:25 | 000,002,679 | ---- | C] () -- C:\Users\Erigalus\.recently-used.xbel [2010.03.19 21:54:28 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.01.30 23:41:36 | 000,000,000 | ---- | C] () -- C:\Windows\Wise Guys Klassenfahrt.ini [2010.01.28 18:56:33 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll [2010.01.23 21:01:47 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\277FE1A009.sys [2010.01.23 21:01:43 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2010.01.23 20:51:00 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll [2010.01.23 20:50:59 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2005.08.30 01:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\System32\RGSS102J.dll [2005.08.30 01:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\System32\RGSS102E.dll [2005.08.30 01:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report > und die Extras.txt (Hoffe, die beiden sind die log-dateien^^): OTL Extras logfile created on: 29.04.2010 17:24:28 - Run 1 OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Erigalus\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free 4,00 Gb Paging File | 2,00 Gb Available in Paging File | 45,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 66,82 Gb Free Space | 44,84% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded Drive H: | 298,02 Gb Total Space | 202,05 Gb Free Space | 67,80% Space Free | Partition Type: FAT32 I: Drive not present or media not loaded Computer Name: ERIGALUS-PC Current User Name: Erigalus Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6 "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar "{153898EE-EECA-471E-8E33-C8485EA84C07}" = QSS Installation Program "{20140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 (Beta) "{20140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 (Beta) "{20140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 (Beta) "{20140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 (Beta) "{20140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 (Beta) "{20140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 (Beta) "{20140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 (Beta) "{20140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 (Beta) "{20140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 (Beta) "{20140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 (Beta) "{20140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 (Beta) "{20140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 (Beta) "{20140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 (Beta) "{20140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 (Beta) "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{247E0933-1877-4208-BF6A-B39E3015B148}" = soul.im "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F0AD6E9-83F8-40DB-8ED2-6534DC26B3C0}" = Opera 10.50 "{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}" = Paint.NET v3.5.2 "{5191F4D9-44E6-4711-AAD3-79865ACCE2DA}" = Alundo "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{5527CA99-AAEC-45E2-9EB9-CED0BB2FC2BD}" = MorphVOX Pro "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7DF3917D-4EDE-4075-B041-6048ECBF5C11}" = TP-LINK Client Installation Program "{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP "{9F78DB3D-4F90-4A10-AD0A-85C271C88106}" = Gothic 3 "{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6 "{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch "{B440D659-FECA-4BDD-A12B-5C9F05790FF3}" = Snagit 9.1.2 "{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator "{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "Any Video Converter_is1" = Any Video Converter 3.0.3 "Audacity_is1" = Audacity 1.2.6 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Biet-O-Matic v2.12.7" = Biet-O-Matic v2.12.7 "BroadCam" = BroadCam Video Streaming Server "Debut" = Debut Video Capture Software "Easy Thumbnails_is1" = Easy Thumbnails (Remove only) "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FastFox" = FastFox "Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.02.026 "FileZilla Client" = FileZilla Client 3.3.2.1 "Flatcast_is1" = Flatcast Viewer Plugin 5.2.2.454 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "G3QP231012008_is1" = Questpaket 4 Update 1 Deinstallation "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "MySQL Servers and Clients 4.0.20d" = MySQL Servers and Clients 4.0.20d "NVIDIA Drivers" = NVIDIA Drivers "Office14.SingleImage" = Microsoft Office Professional 2010 "Prism" = Prism Video Converter "RouterControl" = RouterControl 2.0 "RPG Maker 2000 1.07b" = RPG Maker 2000 1.07b "RPG Maker VX RTP_is1" = RPG Maker VX RTP "RPG Maker VX_is1" = RPG Maker VX "RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts) "Ruby-186-27" = Ruby-186-27 "SAM3" = SAM3 (remove only) "Screensaver Factory 5 Pro_is1" = Screensaver Factory 5 Pro "SearchAnonymizer" = SearchAnonymizer "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "ToolBox" = NCH Toolbox "Uninstall_is1" = Uninstall 1.0.0.1 "VideoPad" = VideoPad Video Editor "VLC media player" = VLC media player 1.0.1 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "Wise Guys Klassenfahrt_is1" = Wise Guys Klassenfahrt "Xilisoft HD Video Converter" = Xilisoft HD Video Converter ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CodeBlocks" = CodeBlocks ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.04.2010 11:33:41 | Computer Name = Erigalus-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel: 0x455814e4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002fc47 ID des fehlerhaften Prozesses: 0x254 Startzeit der fehlerhaften Anwendung: 0x01cae22e85077b5c Pfad der fehlerhaften Anwendung: C:\Program Files\Audacity\audacity.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 6da3a0dc-4e24-11df-b525-001e90ce0464 Error - 22.04.2010 11:40:32 | Computer Name = Erigalus-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel: 0x455814e4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002fc47 ID des fehlerhaften Prozesses: 0x1088 Startzeit der fehlerhaften Anwendung: 0x01cae23137f142dc Pfad der fehlerhaften Anwendung: C:\Program Files\Audacity\audacity.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 6219916c-4e25-11df-b525-001e90ce0464 Error - 22.04.2010 12:23:16 | Computer Name = Erigalus-PC | Source = Application Hang | ID = 1002 Description = Programm ICQ.exe, Version 7.1.0.2096 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a84 Startzeit: 01cae2164652c5a0 Endzeit: 494 Anwendungspfad: C:\Program Files\ICQ7.0\ICQ.exe Berichts-ID: 4d42cf15-4e2b-11df-b525-001e90ce0464 Error - 22.04.2010 13:54:10 | Computer Name = Erigalus-PC | Source = Avira AntiVir | ID = 4112 Description = Bei der Anforderung nach einer Resource des Betriebssystems trat ein Fehler auf. Die Resource 'ThreadInit' wurde nicht zugewiesen. Der Grund hierfür könnte zu wenig Hauptspeicher oder ein anderer Systemfehler sein. Fehlercode: 0x18 Error - 24.04.2010 12:22:57 | Computer Name = Erigalus-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: stdrt.exe, Version: 3.0.239.0, Zeitstempel: 0x4462f982 Name des fehlerhaften Moduls: oggflt.sft, Version: 1.0.1.0, Zeitstempel: 0x4460ff48 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00016300 ID des fehlerhaften Prozesses: 0xc3c Startzeit der fehlerhaften Anwendung: 0x01cae3ca075ee940 Pfad der fehlerhaften Anwendung: C:\Users\Erigalus\AppData\Local\Temp\mrt28B8.tmp\stdrt.exe Pfad des fehlerhaften Moduls: C:\Users\Erigalus\AppData\Local\Temp\mrt28B8.tmp\oggflt.sft Berichtskennung: a3fb7c28-4fbd-11df-94f6-001e90ce0464 Error - 24.04.2010 12:24:15 | Computer Name = Erigalus-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: teeworlds.exe, Version: 0.0.0.0, Zeitstempel: 0x4ae5e644 Name des fehlerhaften Moduls: FRAPS.DLL, Version: 0.0.0.0, Zeitstempel: 0x3ec7b387 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004c21 ID des fehlerhaften Prozesses: 0x9f8 Startzeit der fehlerhaften Anwendung: 0x01cae3ca84714478 Pfad der fehlerhaften Anwendung: C:\Users\Erigalus\Desktop\Games\PC-Spiele\teeworlds-0.5.2-win32\teeworlds.exe Pfad des fehlerhaften Moduls: C:\Fraps\FRAPS.DLL Berichtskennung: d2daff28-4fbd-11df-94f6-001e90ce0464 Error - 24.04.2010 12:51:15 | Computer Name = Erigalus-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ePSXe.exe, Version: 0.0.0.0, Zeitstempel: 0x483816fa Name des fehlerhaften Moduls: gpu.dat, Version: 1.18.0.0, Zeitstempel: 0x482ebd2d Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000b5c5 ID des fehlerhaften Prozesses: 0x11b8 Startzeit der fehlerhaften Anwendung: 0x01cae3cc67103770 Pfad der fehlerhaften Anwendung: C:\Users\Erigalus\Downloads\epsxe170\ePSXe.exe Pfad des fehlerhaften Moduls: C:\Users\Erigalus\Downloads\epsxe170\plugins\gpu.dat Berichtskennung: 98479638-4fc1-11df-94f6-001e90ce0464 Error - 28.04.2010 17:00:07 | Computer Name = Erigalus-PC | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren werden. Error - 28.04.2010 17:00:08 | Computer Name = Erigalus-PC | Source = MsiInstaller | ID = 10005 Description = Error - 28.04.2010 17:00:08 | Computer Name = Erigalus-PC | Source = MsiInstaller | ID = 10005 Description = [ System Events ] Error - 20.04.2010 20:16:43 | Computer Name = Erigalus-PC | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen Status gemeldet: 32 Error - 21.04.2010 07:21:55 | Computer Name = Erigalus-PC | Source = WMPNetworkSvc | ID = 866300 Description = Error - 21.04.2010 19:09:05 | Computer Name = Erigalus-PC | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen Status gemeldet: 32 Error - 22.04.2010 13:54:31 | Computer Name = Erigalus-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Avira AntiVir Guard" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error - 22.04.2010 14:46:28 | Computer Name = Erigalus-PC | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen Status gemeldet: 32 Error - 22.04.2010 19:24:40 | Computer Name = Erigalus-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. Error - 23.04.2010 12:56:52 | Computer Name = Erigalus-PC | Source = DCOM | ID = 10010 Description = Error - 28.04.2010 12:57:07 | Computer Name = Erigalus-PC | Source = DCOM | ID = 10010 Description = Error - 28.04.2010 17:14:29 | Computer Name = Erigalus-PC | Source = Service Control Manager | ID = 7016 Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen Status gemeldet: 32 Error - 28.04.2010 19:16:28 | Computer Name = Erigalus-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. < End of report > MfG, der freundliche Eri aus der Nachbarschaft. Geändert von Erigalus (29.04.2010 um 16:32 Uhr) |
29.04.2010, 20:05 | #2 | |
Administrator /// technical service | datei mit der endung *.img.scr und seitdem muckt mein ICQZitat:
|
Themen zu datei mit der endung *.img.scr und seitdem muckt mein ICQ |
adblock, alternate, any video converter, audacity, avgntflt.sys, components, corp./icp, document, excel.exe, extras.txt, firefox 3.6.3, firefox.exe, fontcache, install.exe, local\temp, location, malware.packer, microsoft office word, msiinstaller, ntdll.dll, nvlddmkm.sys, nvstor.sys, oldtimer, otl.exe, otl.txt, plug-in, programdata, saver, sched.exe, searchplugins, shell32.dll, sptd.sys, start menu, studio, suchlauf, taskhost.exe, trojan.agent.ck, trojan.downloader, usb 2.0, video converter, vlc media player, webcheck, wireless lan |