| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: seltsame Musik im Browser Trojaner?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
08.08.2010, 12:19
| #1 |
| |  seltsame Musik im Browser Trojaner? Hi, ich mich hier schon durch ein paar Threads von mehreren Leuten gelesen die so ein ähnliches Problem hatten wie ich. Es kommt einfach irgendeine Musik aus meinen Boxen, die ich noch nie gehört hab, jedoch keinen Kampflärm. Seltsam ist auch, das die Musik nur kommt wenn ich im Internetbrowser surfe. Sobald der Browser aus is, ist auch die Musik aus. Ich habe mal ein paar Scans mit von euch empfohlenen Programmen durchgefürht. MBRCheck: PHP-Code: dieses File hab ich dann gelöscht und wie von euch beschrieben ein paar Einstellungen geändert und einen neuen Scan durchgeführt MBRCheck: PHP-Code: PHP-Code: OTL Logfile: Code:
ATTFilter OTL logfile created on: 08.08.2010 12:26:57 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 65,00 Gb Total Space | 11,31 Gb Free Space | 17,40% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded Drive F: | 400,76 Gb Total Space | 360,70 Gb Free Space | 90,00% Space Free | Partition Type: NTFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: *****-PC Current User Name: ***** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Manuel\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software) PRC - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe () PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () ========== Modules (SafeList) ========== MOD - C:\Users/*****\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (OS Selector) -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe () ========== Driver Services (SafeList) ========== DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files (x86)\Messenger_Plus_Live_Germany\tbMess.dllഀ File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2567732 IE - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files (x86)\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.21 23:29:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.14 22:30:47 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions [2010.06.14 22:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files (x86)\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Program Files (x86)\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Program Files (x86)\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-4294236280-299869525-1871705385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpFolder: C:^Users^Manuel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - () MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AlcoholAutomount - hkey= - key= - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe File not found MsConfig:64bit - StartUpReg: Comrade.exe - hkey= - key= - C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: ICQ - hkey= - key= - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Steam - hkey= - key= - c:\program files (x86)\valve\steam\steam.exe (Valve Corporation) MsConfig:64bit - State: "bootini" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010.08.08 03:05:35 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2010.08.08 02:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2010.08.08 02:00:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.08.08 02:00:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.08.08 01:58:26 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\*****\Desktop\mbam-setup.exe [2010.08.08 01:53:28 | 041,623,735 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Manuel\Desktop\Vista_Win7_R250_x64.exe [2010.08.04 01:08:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\nHancer [2010.08.04 01:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2010.08.04 01:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\nHancer [2010.08.02 01:08:23 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\CAPCOM [2010.08.01 03:09:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Risen [2010.08.01 03:01:35 | 000,000,000 | ---D | C] -- C:\Windows\1C4551A64743409391E41477CD655043.TMP [2010.08.01 01:24:22 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Microsoft Games [2010.07.30 17:19:39 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP [2010.07.30 12:50:23 | 000,000,000 | ---D | C] -- C:\Windows\Acronis [2010.07.30 12:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2010.07.30 12:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis [2010.07.30 12:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis [2010.07.29 00:26:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010.07.26 22:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2010.07.26 22:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger_Plus_Live_Germany [2010.07.26 22:21:45 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Verlauf [2010.07.25 14:31:36 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Override [2010.07.25 14:04:37 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\The Witcher [2010.07.25 13:30:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.07.25 13:28:57 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010.07.25 13:28:57 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.07.25 13:28:52 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010.07.25 13:28:52 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010.07.25 13:28:48 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010.07.25 13:28:48 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010.07.25 13:28:43 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010.07.25 13:28:43 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010.07.25 13:28:43 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010.07.25 12:45:56 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Local\GaHero [2010.07.25 00:11:48 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Tortured Demo (Roh) [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.08.08 12:27:46 | 002,097,152 | -HS- | M] () -- C:\Users\*****\NTUSER.DAT [2010.08.08 12:23:05 | 000,869,051 | ---- | M] () -- C:\Users\*****\Desktop\SecurityCheck.exe [2010.08.08 12:11:06 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.08.08 11:44:44 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.08.08 11:44:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.08.08 11:44:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.08.08 11:44:29 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2010.08.08 03:34:05 | 009,950,663 | -H-- | M] () -- C:\Users\*****\AppData\Local\IconCache.db [2010.08.08 03:05:36 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Desktop\OTL.exe [2010.08.08 02:56:50 | 002,672,312 | ---- | M] () -- C:\Users\*****\Desktop\esetsmartinstaller_deu.exe [2010.08.08 02:55:28 | 000,001,007 | ---- | M] () -- C:\Users\*****\Desktop\CCleaner.lnk [2010.08.08 02:38:41 | 000,080,384 | ---- | M] () -- C:\Users\*****\Desktop\MBRCheck.exe [2010.08.08 02:00:05 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.08 01:59:10 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\*****\Desktop\mbam-setup.exe [2010.08.08 01:56:09 | 041,623,735 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\*****\Desktop\Vista_Win7_R250_x64.exe [2010.08.04 01:08:11 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\nHancer.lnk [2010.08.01 03:00:54 | 000,000,978 | ---- | M] () -- C:\Users\*****\Desktop\Risen.exe.lnk [2010.07.30 18:06:22 | 000,000,746 | ---- | M] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.07.30 14:42:10 | 000,000,274 | ---- | M] () -- C:\Windows\game.ini [2010.07.30 12:48:44 | 000,001,270 | ---- | M] () -- C:\Users\Public\Desktop\Acronis*Disk*Director*Home.lnk [2010.07.26 01:13:15 | 000,008,349 | ---- | M] () -- C:\Users\*****\Documents\Fingeruebung15.gp5 [2010.07.26 01:09:45 | 000,006,829 | ---- | M] () -- C:\Users\*****\Documents\Fingeruebung11.gp5 [2010.07.26 00:40:14 | 000,082,823 | ---- | M] () -- C:\Users\*****\Documents\reflection_ver2.gp3 [2010.07.25 14:31:30 | 004,091,786 | ---- | M] () -- C:\Users\*****\Documents\schwertschlag 3.rar [2010.07.25 14:21:53 | 000,668,226 | ---- | M] () -- C:\Users\*****\Documents\jData.rar [2010.07.25 13:24:45 | 958,620,489 | ---- | M] () -- C:\Users\*****\Documents\Gothic_3_Community_Patch_v1.74_Int_Full_b.zip [2010.07.25 12:43:26 | 000,037,531 | ---- | M] () -- C:\Users\*****\Documents\Tuning-Guide Tool.zip [2010.07.25 12:40:13 | 000,222,564 | ---- | M] () -- C:\Users\*****\Documents\Gametool4.2.zip [2010.07.25 00:12:09 | 000,017,148 | -HS- | M] () -- C:\Users\*****\Documents\Folder.jpg [2010.07.25 00:12:09 | 000,017,148 | -HS- | M] () -- C:\Users\*****\Documents\AlbumArt_{201A3C3C-A2A9-453D-A886-5B526629CB1C}_Large.jpg [2010.07.25 00:12:09 | 000,005,151 | -HS- | M] () -- C:\Users\*****\Documents\AlbumArtSmall.jpg [2010.07.25 00:12:09 | 000,005,151 | -HS- | M] () -- C:\Users\*****\Documents\AlbumArt_{201A3C3C-A2A9-453D-A886-5B526629CB1C}_Small.jpg [2010.07.22 21:46:47 | 002,541,072 | ---- | M] () -- C:\Users\*****\Documents\cfosspeed-x64-v452.exe [2010.07.10 00:38:00 | 014,092,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010.07.10 00:38:00 | 010,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010.07.10 00:38:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2010.07.10 00:38:00 | 005,107,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010.07.10 00:38:00 | 004,553,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010.07.10 00:38:00 | 002,892,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010.07.10 00:38:00 | 002,506,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010.07.10 00:38:00 | 001,625,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010.07.10 00:38:00 | 000,314,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010.07.10 00:38:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.08.08 12:22:53 | 000,869,051 | ---- | C] () -- C:\Users\*****\Desktop\SecurityCheck.exe [2010.08.08 02:56:46 | 002,672,312 | ---- | C] () -- C:\Users\*****\Desktop\esetsmartinstaller_deu.exe [2010.08.08 02:38:41 | 000,080,384 | ---- | C] () -- C:\Users\*****\Desktop\MBRCheck.exe [2010.08.08 02:00:05 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.08.04 01:08:11 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\nHancer.lnk [2010.08.01 03:02:37 | 000,000,978 | ---- | C] () -- C:\Users\*****\Desktop\Risen.exe.lnk [2010.07.30 18:06:22 | 000,000,746 | ---- | C] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.07.30 14:42:10 | 000,000,274 | ---- | C] () -- C:\Windows\game.ini [2010.07.30 12:48:44 | 000,001,270 | ---- | C] () -- C:\Users\Public\Desktop\Acronis*Disk*Director*Home.lnk [2010.07.26 01:13:14 | 000,008,349 | ---- | C] () -- C:\Users\*****\Documents\Fingeruebung15.gp5 [2010.07.26 01:09:45 | 000,006,829 | ---- | C] () -- C:\Users\*****\Documents\Fingeruebung11.gp5 [2010.07.26 00:40:14 | 000,082,823 | ---- | C] () -- C:\Users\*****\Documents\reflection_ver2.gp3 [2010.07.25 14:31:26 | 004,091,786 | ---- | C] () -- C:\Users\*****\Documents\schwertschlag 3.rar [2010.07.25 14:21:53 | 000,668,226 | ---- | C] () -- C:\Users\*****\Documents\jData.rar [2010.07.25 12:47:01 | 958,620,489 | ---- | C] () -- C:\Users\*****\Documents\Gothic_3_Community_Patch_v1.74_Int_Full_b.zip [2010.07.25 12:43:26 | 000,037,531 | ---- | C] () -- C:\Users\*****\Documents\Tuning-Guide Tool.zip [2010.07.25 12:40:13 | 000,222,564 | ---- | C] () -- C:\Users\*****\Documents\Gametool4.2.zip [2010.07.25 00:12:09 | 000,017,148 | -HS- | C] () -- C:\Users\*****\Documents\AlbumArt_{201A3C3C-A2A9-453D-A886-5B526629CB1C}_Large.jpg [2010.07.25 00:12:09 | 000,005,151 | -HS- | C] () -- C:\Users\*****\Documents\AlbumArt_{201A3C3C-A2A9-453D-A886-5B526629CB1C}_Small.jpg [2010.07.25 00:11:48 | 000,017,148 | -HS- | C] () -- C:\Users\*****\Documents\Folder.jpg [2010.07.25 00:11:48 | 000,005,151 | -HS- | C] () -- C:\Users\*****\Documents\AlbumArtSmall.jpg [2010.07.22 21:46:43 | 002,541,072 | ---- | C] () -- C:\Users\*****\Documents\cfosspeed-x64-v452.exe [2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.01.02 13:08:01 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2009.10.17 15:55:41 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll [2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll [2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll ========== LOP Check ========== [2010.07.04 22:38:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\10-Sekunden-Haushaltsbuch [2010.02.21 00:42:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Activision [2009.10.17 16:27:23 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Auslogics [2010.03.31 22:42:33 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canneverbe Limited [2009.12.31 15:03:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DAEMON Tools Lite [2009.12.28 03:38:12 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DeepBurner [2010.06.05 01:29:17 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\GetRightToGo [2010.08.08 01:45:20 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2010.07.30 03:40:30 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\kikin [2010.08.04 01:08:40 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\nHancer [2009.11.15 13:14:41 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org [2009.10.17 14:57:50 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Opera [2009.12.13 02:13:02 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\SharePod [2010.06.14 22:30:44 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird [2010.06.03 23:38:09 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ubisoft [2010.07.30 12:53:25 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.07.04 22:38:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\10-Sekunden-Haushaltsbuch [2010.02.21 00:42:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Activision [2009.12.14 23:21:54 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Adobe [2009.12.13 01:46:36 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Apple Computer [2009.10.17 16:27:23 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Auslogics [2010.03.31 22:42:33 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canneverbe Limited [2009.12.31 15:03:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DAEMON Tools Lite [2009.12.28 03:38:12 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DeepBurner [2010.06.13 01:30:33 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\dvdcss [2010.06.05 01:29:17 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\GetRightToGo [2010.08.08 01:45:20 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ [2009.10.17 14:46:28 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Identities [2010.07.30 18:06:29 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\InstallShield Installation Information [2010.07.30 03:40:30 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\kikin [2009.10.17 15:00:46 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Macromedia [2009.12.24 18:14:49 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Malwarebytes [2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Media Center Programs [2010.07.30 03:06:47 | 000,000,000 | --SD | M] -- C:\Users\*****\AppData\Roaming\Microsoft [2010.06.27 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Mozilla [2010.08.04 01:08:40 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\nHancer [2010.06.13 10:49:42 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\NVIDIA [2009.11.15 13:14:41 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OpenOffice.org [2009.10.17 14:57:50 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Opera [2009.12.13 02:13:02 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\SharePod [2010.06.14 22:30:44 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird [2010.06.03 23:38:09 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ubisoft [2010.08.01 02:35:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\vlc [2009.10.17 16:26:33 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Winamp [2009.10.17 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.07.30 17:55:31 | 000,331,776 | ---- | M] () -- C:\Users\*****\AppData\Roaming\InstallShield Installation Information\{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}\SetupUT3.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTORV.SYS > [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > Extras: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 08.08.2010 12:26:57 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 65,00 Gb Total Space | 11,31 Gb Free Space | 17,40% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 400,76 Gb Total Space | 360,70 Gb Free Space | 90,00% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: *****-PC
Current User Name: *****
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1" = Haushaltsbuch Freeware 2.7
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43695674-7C8B-494D-A88D-F36C703A4993}" = VideoCAM Slim USB2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}" = Spider-Man 3(TM)
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis*Disk*Director*Home
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin Plugin (NO23 Edition) 2.0
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"10-Sekunden-Haushaltsbuch 5" = 10-Sekunden-Haushaltsbuch 5 5.06
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"Avi2Dvd" = Avi2Dvd 0.4.5 beta
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{990166FA-1ACB-4AA7-B592-4D370C7CDD1A}" = Spider-Man 3 (TM)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"nHancer" = nHancer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"Steam App 240" = Counter-Strike: Source
"TIPP10_is1" = TIPP10 Version 2.0.3
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4294236280-299869525-1871705385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31.07.2010 21:01:36 | Computer Name = *****-PC | Source = MsiInstaller | ID = 1013
Description =
Error - 01.08.2010 19:08:18 | Computer Name = *****-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 05.08.2010 05:29:40 | Computer Name = *****-PC | Source = Google Update | ID = 20
Description =
Error - 05.08.2010 06:49:44 | Computer Name = *****-PC | Source = Google Update | ID = 20
Description =
Error - 06.08.2010 18:52:18 | Computer Name = *****-PC | Source = Google Update | ID = 20
Description =
Error - 07.08.2010 08:09:27 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Risen.exe, Version: 1.0.28552.0,
Zeitstempel: 0x4aafc0ab Name des fehlerhaften Moduls: FileSystem2.dll, Version: 1.0.28552.0,
Zeitstempel: 0x4aba4664 Ausnahmecode: 0x40000015 Fehleroffset: 0x00013c86 ID des fehlerhaften
Prozesses: 0x1368 Startzeit der fehlerhaften Anwendung: 0x01cb3615ccb62812 Pfad der
fehlerhaften Anwendung: F:\Games\Risen\bin\Risen.exe Pfad des fehlerhaften Moduls:
F:\Games\Risen\bin\FileSystem2.dll Berichtskennung: 9fc49e6c-a21c-11df-9321-00241d8400eb
Error - 07.08.2010 20:53:33 | Computer Name = *****-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "F:\Daten\Programme\SoftonicDownloader54031.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Error - 07.08.2010 20:56:51 | Computer Name = *****-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Manuel\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Error - 07.08.2010 20:56:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Manuel\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Error - 08.08.2010 06:11:06 | Computer Name = *****-PC | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 10.07.2010 04:38:28 | Computer Name =*****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 10.07.2010 18:41:38 | Computer Name =*****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 11.07.2010 05:53:56 | Computer Name =*****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 11.07.2010 17:38:58 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 12.07.2010 12:32:28 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 13.07.2010 16:44:24 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 14.07.2010 16:33:46 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 15.07.2010 12:33:09 | Computer Name =*****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 15.07.2010 13:30:39 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error - 16.07.2010 16:54:59 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
< End of report >
ich hoffe ihr könnt was damit anfangen Gruß Nospheratu |
| Themen zu seltsame Musik im Browser Trojaner? |
| 4d36e972-e325-11ce-bfc1-08002be10318, avg free, bho, bonjour, browser, c:\windows\system32\rundll32.exe, cdburnerxp, codes, components, computer, continue, converter, desktop, einstellungen, error, flash player, google, home, home premium, install.exe, installation, jdownloader, location, locker, logfile, manuel, media center, mozilla, mozilla thunderbird, mp3, msiinstaller, musik, nvstor.sys, oldtimer, otl.exe, plug-in, problem, programdata, realtek, registry, richtlinie, rundll, saver, server, shortcut, software, staropen, start menu, syswow64, trojaner, trojaner?, unknown mbr, vlc media player, webcheck, wrapper |
Baum-Darstellung