Pests of all kinds and how to fight them: Antimalware Doctor infection (Windows 7)
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
01.08.2010, 21:40 | #1 |
Antimalware Doctor infection

Hey dear community,

because of some Flash site, I too have not been spared from what is probably the most annoying pest #1, Antimalware Doctor. I have now downloaded rkill.exe so that all of the AMW-Doctor processes get stopped, and afterwards ran Malwarebytes over it twice. After a restart, however, the familiar problems show up again, and a hail of ads and messages appears on my screen as if out of nowhere. It is really annoying; hopefully someone here can help me.

Here are the log files from MWB:

Malwarebytes after the 1st scan:
Code:
01.08.2010 11:53:55
mbam-log-2010-08-01 (11-53-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 232106
Laufzeit: 1 Stunde(n), 1 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 232280
Laufzeit: 3 Stunde(n), 1 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:
ATTFilter Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Chris\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - c:\Programme\Acer Bio Protection\BASVC.exe (Egis Technology Inc.) 
PRC - C:\Programme\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.) PRC - c:\Programme\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.) PRC - C:\Programme\Apoint2K\Hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer VCM\VC.exe (Acer Incoporated) PRC - C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) PRC - C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG) PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Chris\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Programme\Acer\Acer PowerSmart Manager\SysHook.dll (Acer Incorporated) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup 
Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (IGBASVC) -- c:\Programme\Acer Bio Protection\BASVC.exe (Egis Technology Inc.) SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (NTISchedulerSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) SRV - (NTIBackupSvc) -- C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) 
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (AlfaFF) -- C:\Windows\system32\drivers\AlfaFF.sys (Alfa Corporation) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys () DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (FPSensor) EgisTech-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\System32\drivers\FPSensor.sys (Egis) DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.) DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.) DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.) DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.) DRV - (hidshim) -- C:\Windows\System32\drivers\hidshim.sys (Windows (R) Codename Longhorn DDK provider) DRV - (nuvotonhidgeneric) -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys (Nuvoton Technology Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) 
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) 
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) 
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0809&m=aspire_7738 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://google.de/" FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.5.2.106 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101917&locale=de_DE&q=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.01 21:10:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.01 21:10:22 | 000,000,000 | ---D | M] [2009.12.19 21:48:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions [2010.07.31 22:54:14 | 000,000,000 | ---D | M] -- 
C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions [2009.12.23 13:18:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.04.02 19:20:37 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66} [2010.05.12 23:05:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009.12.30 06:18:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions\bookmarkpreviews@mozdev.org [2010.07.03 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\pwyzupcv.default\extensions\toolbar@ask.com [2010.08.01 15:12:07 | 000,002,253 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\askcom.xml [2010.01.03 19:11:01 | 000,002,163 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\bing.xml [2010.07.25 20:54:03 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin-1.xml [2010.07.04 05:19:39 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin-2.xml [2010.07.24 03:44:09 | 000,000,950 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin-3.xml [2010.05.12 23:05:43 | 000,000,168 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin.gif [2010.05.12 23:05:43 | 000,000,618 | ---- | M] () -- 
C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin.src [2010.07.02 07:33:51 | 000,000,947 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Mozilla\FireFox\Profiles\pwyzupcv.default\searchplugins\icqplugin.xml [2010.08.01 21:31:48 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.07.29 12:08:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.01 21:31:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.09.21 10:59:40 | 001,275,296 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv501.dll [2010.08.01 21:10:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.08.01 21:10:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.08.01 21:10:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.08.01 21:10:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.08.01 21:10:19 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) 
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VitaKeyPdtWzd] c:\Programme\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ\ICQ6\ICQ.exe (ICQ, Inc.) O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.) 
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\Programme\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ\ICQ6\ICQ.exe (ICQ, Inc.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ\ICQ6\ICQ.exe (ICQ, Inc.) 
O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows 
Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Users\Chris\AppData\Roaming\ogix.exe) - C:\Users\Chris\AppData\Roaming\ogix.exe File not found O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{d5ff9d22-1719-11df-82c5-001f16bdfc68}\Shell\AutoRun\command - "" = E:\Launcher.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = 
comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.08.01 22:31:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe [2010.08.01 21:32:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2010.08.01 21:31:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.08.01 21:31:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.08.01 21:31:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.07.29 12:08:40 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.07.29 12:03:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Avira [2010.07.29 11:54:32 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.07.29 11:54:32 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.07.28 11:32:38 | 000,000,000 | ---D | C] -- C:\Users\Chris\Application Data [2010.07.27 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\HHB_MixP3_9458 [2010.07.27 18:03:03 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch [2010.07.27 14:13:14 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Malwarebytes [2010.07.27 14:12:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.27 14:12:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.27 14:12:53 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.07.27 14:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.07.27 12:34:58 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\fhtexjviw [2010.07.27 12:34:43 | 000,000,000 | -HSD | C] -- C:\Users\Chris\AppData\Roaming\lowsec [2010.07.27 12:34:34 | 000,000,000 | ---D | C] -- 
C:\Users\Chris\AppData\Roaming\09FD9C70E768F60812737987054A3AEF [2010.07.26 23:04:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\VDownloader [2010.07.19 13:52:29 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Satire_-_I Need Aufmerksamkeit [2010.07.18 12:23:17 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Eminem - Recovery (2010) [2010.07.15 18:50:41 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\30 Seconds to Mars - This is War [2010.07.15 18:49:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\30 Seconds to Mars - A Beautiul Lie [2010.07.11 11:55:07 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Curren$y - Pilot Talk 2010 Retail [2010.07.08 20:45:20 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Hip Hop EJay 6 [2009.08.25 04:04:27 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll ========== Files - Modified Within 30 Days ========== [2010.08.01 22:35:48 | 002,097,152 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT [2010.08.01 22:35:10 | 000,768,000 | ---- | M] () -- C:\Windows\System32\drivers\jkqff.sys [2010.08.01 22:31:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe [2010.08.01 22:18:28 | 004,687,026 | ---- | M] () -- C:\Users\Chris\Desktop\Speedin - Rick Ross ft R. 
Kelly.mp3 [2010.08.01 22:01:04 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.01 21:13:25 | 002,156,962 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.08.01 21:13:25 | 001,060,534 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.08.01 21:13:25 | 000,555,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.08.01 21:13:24 | 000,625,822 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.08.01 21:13:24 | 000,004,926 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.08.01 21:08:24 | 000,111,608 | ---- | M] () -- C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT [2010.08.01 21:08:22 | 002,328,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.08.01 21:08:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.08.01 21:08:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.08.01 21:08:09 | 000,064,943 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.08.01 21:08:00 | 000,064,943 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.08.01 21:07:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.01 21:07:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.01 21:07:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.01 21:07:03 | 3215,814,656 | -HS- | M] () -- C:\hiberfil.sys [2010.08.01 21:06:10 | 000,524,288 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2010.08.01 21:06:10 | 000,065,536 | -HS- | M] () -- C:\Users\Chris\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2010.08.01 21:06:08 | 002,482,493 | -H-- | M] () -- C:\Users\Chris\AppData\Local\IconCache.db [2010.08.01 12:34:38 | 005,448,547 | ---- | M] () -- C:\Users\Chris\Desktop\The Way (Original 
Mix) - Klaas.mp3 [2010.07.29 12:15:46 | 000,363,520 | ---- | M] () -- C:\Users\Chris\Desktop\rkill.exe [2010.07.29 12:11:29 | 000,007,808 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat [2010.07.29 11:59:47 | 000,027,872 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\UserTile.png [2010.07.27 19:57:56 | 005,752,822 | ---- | M] () -- C:\Users\Chris\Desktop\Klaas Feat. Jasper Forks - River Flows In You (Eclipse Vocal Version) (Klaas Club Mix).mp3 [2010.07.27 19:04:17 | 011,784,645 | ---- | M] () -- C:\Users\Chris\Desktop\Lady_Gaga_-_Bad_Romance_ALX.mp3 [2010.07.27 14:12:57 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.26 23:15:52 | 000,050,688 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.26 13:40:19 | 027,197,627 | ---- | M] () -- C:\Users\Chris\Desktop\Computerbild_16-2010.rar [2010.07.25 22:59:18 | 734,113,792 | ---- | M] () -- C:\Users\Chris\Desktop\crcl-kampg.der.titanen.bdrip-cd1.avi [2010.07.25 21:46:28 | 742,584,872 | ---- | M] () -- C:\Users\Chris\Desktop\Toy.Story.3.2010.German.MD.DVDSCREENER.Xvid.Chefflo.rar [2010.07.24 13:20:40 | 209,715,200 | ---- | M] () -- C:\Users\Chris\Desktop\D2J_T33ies54to_-_Kale54idot4scope__2009_.part1.rar [2010.07.20 15:11:12 | 742,595,214 | ---- | M] () -- C:\Users\Chris\Desktop\Moon.DVDRip.MD.German.XviD-XCOPY.rar [2010.07.17 19:45:55 | 741,232,609 | ---- | M] () -- C:\Users\Chris\Desktop\Das.Zimmer.im.Spiegel.German.DVDRip.XviD-LOGiCAL.rar [2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\deployJava1.dll [2010.07.15 18:55:09 | 117,447,300 | ---- | M] () -- C:\Users\Chris\Desktop\30.Seconds.To.Mars.30.Seconds.To.Mars.2002.320kbps.rar [2010.07.13 16:36:58 | 840,846,550 | ---- | M] () -- C:\Users\Chris\Desktop\tor1.rar [2010.07.10 16:11:21 | 053,038,035 | ---- | M] () -- C:\Users\Chris\Desktop\Ignition.rar [2010.07.10 12:01:45 | 000,077,426 | ---- | M] () -- C:\Users\Chris\Desktop\exponentialfunktion (1).jpg [2010.07.10 11:59:14 | 000,118,894 | ---- | M] () -- C:\Users\Chris\Desktop\ableitungen & stammfunktionen.jpg [2010.07.10 02:06:38 | 000,332,184 | ---- | M] () -- C:\Users\Chris\Desktop\Cover.jpg [2010.07.10 00:23:08 | 000,334,627 | ---- | M] () -- C:\Users\Chris\Desktop\20 Jahre.jpg [2010.07.09 23:15:46 | 000,924,049 | ---- | M] () -- C:\Users\Chris\Desktop\cdtemplate-300dpi-v2.zip [2010.07.04 15:47:42 | 680,132,418 | ---- | M] () -- C:\Users\Chris\Desktop\Corel.VideoStudio.Pro.X3.v13.6.2.36.Multilingual.Incl.Keymaker-CORE.rar ========== Files Created - No Company Name ========== [2010.08.01 22:10:14 | 004,687,026 | ---- | C] () -- C:\Users\Chris\Desktop\Speedin - Rick Ross ft R. Kelly.mp3 [2010.08.01 12:34:22 | 005,448,547 | ---- | C] () -- C:\Users\Chris\Desktop\The Way (Original Mix) - Klaas.mp3 [2010.07.29 12:15:24 | 000,363,520 | ---- | C] () -- C:\Users\Chris\Desktop\rkill.exe [2010.07.27 19:57:36 | 005,752,822 | ---- | C] () -- C:\Users\Chris\Desktop\Klaas Feat. 
Jasper Forks - River Flows In You (Eclipse Vocal Version) (Klaas Club Mix).mp3 [2010.07.27 19:02:25 | 011,784,645 | ---- | C] () -- C:\Users\Chris\Desktop\Lady_Gaga_-_Bad_Romance_ALX.mp3 [2010.07.27 14:12:57 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.07.27 12:37:35 | 000,768,000 | ---- | C] () -- C:\Windows\System32\drivers\jkqff.sys [2010.07.26 13:39:26 | 027,197,627 | ---- | C] () -- C:\Users\Chris\Desktop\Computerbild_16-2010.rar [2010.07.25 22:22:36 | 734,113,792 | ---- | C] () -- C:\Users\Chris\Desktop\crcl-kampg.der.titanen.bdrip-cd1.avi [2010.07.25 18:44:39 | 742,584,872 | ---- | C] () -- C:\Users\Chris\Desktop\Toy.Story.3.2010.German.MD.DVDSCREENER.Xvid.Chefflo.rar [2010.07.24 12:20:18 | 209,715,200 | ---- | C] () -- C:\Users\Chris\Desktop\D2J_T33ies54to_-_Kale54idot4scope__2009_.part1.rar [2010.07.20 14:47:53 | 742,595,214 | ---- | C] () -- C:\Users\Chris\Desktop\Moon.DVDRip.MD.German.XviD-XCOPY.rar [2010.07.17 19:21:38 | 741,232,609 | ---- | C] () -- C:\Users\Chris\Desktop\Das.Zimmer.im.Spiegel.German.DVDRip.XviD-LOGiCAL.rar [2010.07.15 18:49:32 | 117,447,300 | ---- | C] () -- C:\Users\Chris\Desktop\30.Seconds.To.Mars.30.Seconds.To.Mars.2002.320kbps.rar [2010.07.13 13:01:48 | 840,846,550 | ---- | C] () -- C:\Users\Chris\Desktop\tor1.rar [2010.07.10 16:10:04 | 053,038,035 | ---- | C] () -- C:\Users\Chris\Desktop\Ignition.rar [2010.07.10 12:01:45 | 000,077,426 | ---- | C] () -- C:\Users\Chris\Desktop\exponentialfunktion (1).jpg [2010.07.10 11:59:14 | 000,118,894 | ---- | C] () -- C:\Users\Chris\Desktop\ableitungen & stammfunktionen.jpg [2010.07.10 02:06:33 | 000,332,184 | ---- | C] () -- C:\Users\Chris\Desktop\Cover.jpg [2010.07.10 00:22:57 | 000,334,627 | ---- | C] () -- C:\Users\Chris\Desktop\20 Jahre.jpg [2010.07.09 23:15:51 | 003,114,841 | ---- | C] () -- C:\Users\Chris\Desktop\CD Template - 300 dpi - minimal.psd [2010.07.09 23:15:46 | 000,924,049 | ---- | C] () -- 
C:\Users\Chris\Desktop\cdtemplate-300dpi-v2.zip [2010.07.08 20:26:10 | 093,649,256 | ---- | C] () -- C:\Users\Chris\Desktop\Die Zeit - Studienfuehrer 2010 2011(VOLUMEN).pdf [2010.07.04 15:25:20 | 680,132,418 | ---- | C] () -- C:\Users\Chris\Desktop\Corel.VideoStudio.Pro.X3.v13.6.2.36.Multilingual.Incl.Keymaker-CORE.rar [2010.01.17 16:47:39 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.08.24 19:48:10 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini [2009.08.24 19:26:48 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini [2009.03.12 12:32:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini [2009.02.13 02:50:52 | 000,097,792 | ---- | C] () -- C:\Windows\System32\INT15_64.dll [2009.02.13 02:50:52 | 000,081,920 | ---- | C] () -- C:\Windows\System32\INT15.dll [2009.02.13 02:50:52 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys [2009.02.13 02:50:52 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys [2009.02.13 02:50:04 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2009.02.11 22:03:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2009.02.11 22:03:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2009.02.11 22:03:57 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008.10.07 09:13:20 | 
000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

< End of report >

Code:
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0138D96D-4148-4A63-AA48-763941D6EDED}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | 
app=%systemroot%\system32\svchost.exe | "{0D36C13C-7FB3-47DC-A2B2-30617ACF850D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{117AEC48-AE2A-48F8-BED1-6902B6AA3796}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{28DE1051-8B56-49D7-9E97-B362FF06194B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{298E364F-795A-4511-9B12-C5DDA5DB0756}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2EC72400-497D-4218-BF7D-38A207B6F9CB}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | "{30A7301C-E8EF-4405-A72C-76191636EE5C}" = lport=5357 | protocol=6 | dir=in | app=system | "{4A2D6576-B03E-48FB-A799-69DE7533A27B}" = rport=5358 | protocol=6 | dir=out | app=system | "{562414F6-0ABD-4C1D-B503-86A9D48C728B}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{57BF3C22-4919-4F0B-ADB0-34D7040A88E6}" = rport=5357 | protocol=6 | dir=out | app=system | "{60FBE465-B767-4934-9B85-823098AB46D7}" = lport=2869 | protocol=6 | dir=in | app=system | "{6C979F17-A983-485F-96A2-19C032B35685}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{74365EA1-2689-42CF-84C7-C7B06642BA06}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | "{7D25537E-D59A-4371-8885-032222227932}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{8042AF08-32BD-445D-8D6D-2DDBD5769AB9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{976920C5-7F79-4D4E-A2A4-9ECFEC705925}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{A028A2EE-FC5F-445A-9D9C-FA8D753AF994}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{A4F1CCE8-6E94-4691-80C9-7B6B39CF41DC}" = lport=3540 | protocol=17 | 
dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{ADF14F6B-A0FB-4E26-9209-6190EEBB80B4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{B1F0FA51-C0AB-4427-8758-7558D0199544}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{B50FB41C-5044-4CF3-A100-7EB25E7B0913}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | "{BDE33658-03B4-4DA9-B084-830166DE09A8}" = lport=5358 | protocol=6 | dir=in | app=system | "{C733094B-1CD1-4DB4-B21D-B0A4C318F7C2}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{CD21E486-81EF-4F9A-B9DC-FA29D1C75DE8}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{D2896717-02A1-43D6-A942-2FAF27A1FFD5}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{DDB48B28-1925-4C24-B8BB-C9117851ED0A}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{E55755ED-9B32-49B3-A829-CE9E6DF1848D}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{E7F1BB9B-127A-45FE-AEE7-5C5AE6AE6077}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | "{E938D2C8-7B4A-4D7F-A489-E55014671011}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{FE6AF13E-C974-43EB-9278-6605E2C489D7}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04BC4E07-D8C6-4E51-B443-330292BCF5A7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{0770F749-3C86-4106-A83C-9CF3917F6AF4}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | "{08E410E7-909F-43C6-8ECC-0271B84C7B65}" = protocol=6 | dir=in | 
app=c:\program files\icq7.1\aolload.exe | "{13732659-D399-4136-A1ED-AD7993328D34}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{28207A50-785A-4784-87A7-4893D2588EFC}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | "{2C6ADC39-542E-45C3-BC92-E2914A107935}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | "{414A97AC-03CC-4F0D-8A73-C36CCA29F5C4}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{440DB6EF-1385-4025-933E-D8FE3F67DDCE}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{5313AC02-12C2-4A9B-91B7-8EF37CB4279C}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{6448469B-9953-443E-BAC2-E2A7E261523C}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | "{6C3C92CC-A354-4162-A1E5-814FFB63AF89}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{72337931-BB25-4479-862B-4B62A81FA72F}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | "{79254341-656A-492F-8D0A-6027B2729A46}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{84CD8242-15EA-4FB0-9B55-F2E4FD7D236C}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{92706B80-EDBC-4D50-A265-33E2D0903717}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{9AE508E4-CCBE-4D3A-B87A-FD4B209BD07E}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{9BA44346-55C4-459B-9B1E-3B62111B63C0}" = protocol=17 | dir=in | app=%programfiles%\windows 
collaboration\wincollab.exe | "{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{AFFDB9E3-67A6-4A57-B8F6-17057CBE9112}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | "{C0D51E5A-B202-4E67-995B-7A97DCD2BD17}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe | "{C6EB2B9D-7C37-4AF6-AAE9-0D6D7B69D082}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{C8C738D8-1B7D-47F9-924F-FD3E163FCAD0}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{D1761086-0A5C-476B-B053-CCF3F0119874}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe | "{D22717E2-1953-4A56-8D3A-B12977D3C1BD}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | "{DBC3A10A-2423-4004-BEBC-4049B62284B9}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{DE0A2BE2-9E19-4584-A4AE-83601ECD6F66}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{E2B9A895-1DFF-484F-A74D-9A649B26B079}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{E84D0F18-C5D5-4AAD-821F-D9AA76C341C9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{E9AFDCF0-5A42-4909-847C-457985B71915}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{ED829439-83C3-4AC2-A948-C5D0BC05E34B}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe | "TCP Query User{223EF69D-63B6-44C6-B46C-F6B0D9651FC1}C:\program files\metin2 de\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2 de\metin2.bin | "TCP Query User{48E8F8C1-273B-4D6C-AE9A-DC833C1920E3}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{4FDB7A7F-027D-42A4-BA87-B2AFF5D00C7F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query 
User{5994F3AF-DF8F-4A2B-8180-BDE9E3C24796}C:\users\chris\appdata\local\virtualstore\program files\realworks\metin2client.bin" = protocol=6 | dir=in | app=c:\users\chris\appdata\local\virtualstore\program files\realworks\metin2client.bin | "TCP Query User{600494BC-CB7C-466E-976C-5F74E6903167}C:\users\chris\appdata\local\virtualstore\program files\realworks\metin2.bin" = protocol=6 | dir=in | app=c:\users\chris\appdata\local\virtualstore\program files\realworks\metin2.bin | "TCP Query User{9E3C9EA0-7D03-47B6-875D-96DB74687A57}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe | "TCP Query User{B2E112F5-F5D7-45C7-BC0B-58798D4E31E7}C:\program files\realworks\metin2.bin" = protocol=6 | dir=in | app=c:\program files\realworks\metin2.bin | "TCP Query User{D5FD3BBD-E759-4E91-9A1C-B8E45E25B1B6}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{E429B990-3DBE-46B1-AC4F-AFA88A8C7B89}C:\program files\realworks\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\realworks\metin2client.bin | "TCP Query User{ED05B331-7306-4A2D-BD45-EC9DFC4F269E}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe | "UDP Query User{22B179EE-7A77-4349-AE0B-C10AA2711E61}C:\program files\realworks\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\realworks\metin2client.bin | "UDP Query User{39143638-4170-4774-ADFB-55C869FCF553}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{7AA242CD-C181-49C6-B596-4145230B1405}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{7F9DDEF0-BDED-4B5C-B4B7-46466A7382D3}C:\program files\realworks\metin2.bin" = protocol=17 | dir=in | app=c:\program files\realworks\metin2.bin | "UDP Query User{A97448DA-C397-474A-B109-06FE0BD5FD57}C:\program 
files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe | "UDP Query User{B6774D48-4271-4C9C-998E-3C136412EF3C}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe | "UDP Query User{B87F8333-7EBD-4C4E-A076-119F8F88B782}C:\users\chris\appdata\local\virtualstore\program files\realworks\metin2.bin" = protocol=17 | dir=in | app=c:\users\chris\appdata\local\virtualstore\program files\realworks\metin2.bin | "UDP Query User{C086AB2C-CD51-4039-AA8E-28BB3CABCD21}C:\program files\metin2 de\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2 de\metin2.bin | "UDP Query User{D4E6D801-F83C-4752-9DF1-5084E22691B7}C:\users\chris\appdata\local\virtualstore\program files\realworks\metin2client.bin" = protocol=17 | dir=in | app=c:\users\chris\appdata\local\virtualstore\program files\realworks\metin2client.bin | "UDP Query User{FD0C5D30-1802-4E3A-B3E1-2DEF0AA062E5}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" 
= Java(TM) 6 Update 21 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}" = Fingerprint Solution "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6 "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1 "{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = 
Jewel Quest Solitaire "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}" = Cradle of Rome "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}" = Dream Day Wedding "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}" = Dream Day Honeymoon "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}" = Cake Mania 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_WORD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_WORD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_WORD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) 
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 2.9.443 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax "{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF097717-F174-4144-954A-FBC4BF301031}" = Nero 7 Ultra Edition "{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM 
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.79.326 "{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "Acer Screensaver" = Acer ScreenSaver "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Azureus" = Azureus "Cultures - Die Entdeckung Vinlands" = Cultures - Die Entdeckung Vinlands "eMule" = eMule "Flatcast_is1" = Flatcast Viewer Plugin 5.0.356 "Free Audio Converter_is1" = Free Audio Converter version 1.2 "Google Desktop" = Google Desktop "GridVista" = Acer GridVista "ICQToolbar" = ICQ Toolbar "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{565A39D6-4FB0-4F35-A2AC-0DC66ACC3520}" = Acer Bio Protection "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun "IsoBuster_is1" = IsoBuster 2.7 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET 
Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA Drivers" = NVIDIA Drivers
"Uninstall_is1" = Uninstall 1.0.0.1
"Vampirsagа - Büchse der Pandora" = Vampirsagа - Büchse der Pandora
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.06.2010 19:36:56 | Computer Name = Chris-PC | Source = LoadPerf | ID = 3011
Description =

Error - 23.06.2010 07:04:24 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung javaw.exe, Version 6.0.180.7, Zeitstempel 0x4b2aa6d3, fehlerhaftes Modul java.dll, Version 6.0.180.7, Zeitstempel 0x4b2ad748, Ausnahmecode 0xc0000005, Fehleroffset 0x00005875, Prozess-ID 0x1a04, Anwendungsstartzeit 01cb12c3cfb37b40.

Error - 24.06.2010 11:46:23 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Dwm.exe, Version 6.0.6001.18000, Zeitstempel 0x47918c97, fehlerhaftes Modul nvd3dum.dll, Version 8.15.11.8624, Zeitstempel 0x4a4102c3, Ausnahmecode 0xc0000005, Fehleroffset 0x00396d33, Prozess-ID 0x578, Anwendungsstartzeit 01cb0dabe7b49fcf.

Error - 26.06.2010 05:36:24 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Dwm.exe, Version 6.0.6001.18000, Zeitstempel 0x47918c97, fehlerhaftes Modul nvd3dum.dll, Version 8.15.11.8624, Zeitstempel 0x4a4102c3, Ausnahmecode 0xc0000005, Fehleroffset 0x00396d33, Prozess-ID 0x1380, Anwendungsstartzeit 01cb13b4679d8a90.
Error - 30.06.2010 02:40:12 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung javaw.exe, Version 6.0.180.7, Zeitstempel 0x4b2aa6d3, fehlerhaftes Modul java.dll, Version 6.0.180.7, Zeitstempel 0x4b2ad748, Ausnahmecode 0xc0000005, Fehleroffset 0x00005875, Prozess-ID 0x1950, Anwendungsstartzeit 01cb181f14906010.

Error - 04.07.2010 04:28:30 | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 04.07.2010 04:34:36 | Computer Name = Chris-PC | Source = LoadPerf | ID = 3012
Description =

Error - 04.07.2010 04:34:36 | Computer Name = Chris-PC | Source = LoadPerf | ID = 3012
Description =

Error - 04.07.2010 04:34:36 | Computer Name = Chris-PC | Source = LoadPerf | ID = 3011
Description =

Error - 07.07.2010 02:04:46 | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung javaw.exe, Version 6.0.180.7, Zeitstempel 0x4b2aa6d3, fehlerhaftes Modul java.dll, Version 6.0.180.7, Zeitstempel 0x4b2ad748, Ausnahmecode 0xc0000005, Fehleroffset 0x00005875, Prozess-ID 0x934, Anwendungsstartzeit 01cb1d9a4c577440.
[ System Events ]
Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 04:41:17 | Computer Name = Chris-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 01.08.2010 15:07:55 | Computer Name = Chris-PC | Source = HTTP | ID = 15016
Description =

Error - 01.08.2010 15:08:26 | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 01.08.2010 16:03:50 | Computer Name = Chris-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

< End of report >

Regards, Flare |
03.08.2010, 11:35 | #2 |
/// Selecta Jahrusso | Antimalware Doctor infection
Cleaning up can sometimes mean a lot of work for you.
Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
Vista and Win7 users: start all tools with a right-click and "Run as administrator".
Step 1
Explain to me what this is?
[2010.07.04 15:25:20 | 680,132,418 | ---- | C] () -- C:\Users\Chris\Desktop\Corel.VideoStudio.Pro.X3.v13.6.2.36.Multilingual.Incl.Keymaker-CORE.rar
__________________ |
09.08.2010, 12:38 | #3 |
/// Selecta Jahrusso | Antimalware Doctor infection
No response
__________________
This topic has been removed from my subscriptions, so I will not receive any notifications about new replies. Send me a PM if you still want to continue.
Note: The disappearance of the symptoms does not mean that your computer is already clean.
Everyone else, please open your own thread.
__________________ |