
Pests of all kinds and how to fight them: Same problem with Windows Security Alert - Antivirus Software Alert


15.08.2010, 12:24   #1
lavalampe92
 



OK folks, I'm new here, but I urgently need your help and hope you can somehow get me further :-(

My problem is the same as Taube's (http://www.trojaner-board.de/88401-w...-internet.html)

I'm trying to solve the problem the way you described.
I've already downloaded Malwarebytes and am running the full scan right now. I'll post that here in a moment as well.

One more question: do I need internet for the OTL scan?
Because I can't get a connection established anymore :-(

I hope you can help me.

Best regards, LavaLampe92

OK, I've now run Malwarebytes:



This is what it found ^^
Here is the log for it once more:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18943

15.08.2010 14:20:59
mbam-log-2010-08-15 (14-20-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 298671
Laufzeit: 1 Stunde(n), 8 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\java developer script browse (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vbesirujiqigiso (Trojan.Agent.U) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-6910249558-1307336201-834733800-7649\nvapbar.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\RECYCLER\S-1-5-21-6910249558-1307336201-834733800-7649\nvapbar.exe (Worm.Autorun.B) -> Delete on reboot.
C:\Users\Public\jusched.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Roaming\sdra64.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Local\odrfeas.dll (Trojan.Agent.U) -> Quarantined and deleted successfully.
C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.


As you could read, I was in safe mode, because in normal Windows Vista mode I could no longer install or click anything, since the program denies me all access!

As you describe, I wanted to delete the files that were found, but I got the following message:



I clicked Yes, but on restart I ended up in normal mode again and the program was still there.

I hope you can do something with my material ^^
Should I download OTL now and continue?

OK, I've now run OTL in safe mode.

OTL log:
OTL Logfile:
Code:
OTL logfile created on: 15.08.2010 14:47:32 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\User\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
893,00 Mb Total Physical Memory | 504,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 52,14 Gb Total Space | 10,36 Gb Free Space | 19,88% Space Free | Partition Type: NTFS
Drive D: | 51,84 Gb Total Space | 49,51 Gb Free Space | 95,50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 95,92 Mb Total Space | 58,74 Mb Free Space | 61,23% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: USER-PC
Current User Name: User
Logged in as Administrator.
 
Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (SearchAnonymizer) -- C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (GtFlashSwitch) -- C:\Program Files\Common Files\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
SRV - (gtdetectsc) -- C:\Windows\System32\Gtdetectsc.exe (OptionNV)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UIUSys) -- C:\Windows\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SiFilter) -- C:\Windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV - (SI3112) -- C:\Windows\system32\DRIVERS\SI3112.sys (Silicon Image, Inc)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (GTSCSER) -- C:\Windows\System32\drivers\gtscser.sys (Option N.V.)
DRV - (GTF32BUS) -- C:\Windows\System32\drivers\gtf32bus.sys (Option N.V.)
DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (NWADI) -- C:\Windows\System32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (ESDCR) -- C:\Windows\System32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (ESMCR) -- C:\Windows\System32\drivers\ESM7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\Windows\System32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (MTOnlPktAlyX) -- C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys ()
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (odysseyIM4) -- C:\Windows\System32\drivers\odysseyIM4.sys (Funk Software, Inc.)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.de/search?q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Live Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: D:\Handy W810i\components [2010.07.26 00:27:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: D:\Handy W810i\plugins [2010.07.26 00:27:02 | 000,000,000 | ---D | M]
 
[2010.07.01 09:05:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2010.07.01 09:05:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2010.08.11 23:00:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions
[2010.06.09 17:16:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.09 17:17:09 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2009.02.26 19:32:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.07.02 12:42:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.09 17:16:54 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.06.09 17:16:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\prhefwgd.default\extensions\personas@christopher.beard
[2009.10.28 18:44:36 | 000,000,828 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-1.xml
[2009.10.28 18:44:36 | 000,000,828 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-2.xml
[2009.10.28 18:44:36 | 000,000,828 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-3.xml
[2009.10.29 09:33:26 | 000,000,961 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-4.xml
[2009.11.21 16:01:22 | 000,000,961 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-5.xml
[2009.12.19 17:04:45 | 000,000,961 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-6.xml
[2010.01.17 18:22:22 | 000,000,961 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-7.xml
[2010.02.01 10:34:02 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin-8.xml
[2010.04.22 13:33:22 | 000,000,945 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\prhefwgd.default\searchplugins\icqplugin.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\Huawei Modems\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizer.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [ynrbbqgv] C:\Users\User\AppData\Local\xjlrvmktc\bfissnxshdw.exe ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\PartyPoker\RunApp.exe File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: btopenzone.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: moove.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: t-mobile.net ([hotspot] https in Trusted sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222096874 (Image Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1211561436 (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\t-mobile - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.06 02:01:37 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.15 14:22:46 | 000,000,391 | ---- | M] () - F:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{09875f77-7eef-11de-9aca-0016d466085a}\Shell\AutoRun\command - "" = F:\SoftwareManual.exe -- [2010.06.02 23:47:54 | 000,176,775 | RHS- | M] ()
O33 - MountPoints2\{09875f77-7eef-11de-9aca-0016d466085a}\Shell\explore\command - "" = F:\SoftwareManual.exe -- [2010.06.02 23:47:54 | 000,176,775 | RHS- | M] ()
O33 - MountPoints2\{09875f77-7eef-11de-9aca-0016d466085a}\Shell\open\command - "" = F:\SoftwareManual.exe -- [2010.06.02 23:47:54 | 000,176,775 | RHS- | M] ()
O33 - MountPoints2\{3f22fbc0-07b8-11dc-9bd3-0016d466085a}\Shell\AutoRun\command - "" = F:\SoftwareManual.exe -- [2010.06.02 23:47:54 | 000,176,775 | RHS- | M] ()
O33 - MountPoints2\{3f22fbc0-07b8-11dc-9bd3-0016d466085a}\Shell\explore\command - "" = F:\ -- File not found
O33 - MountPoints2\{3f22fbc0-07b8-11dc-9bd3-0016d466085a}\Shell\open\command - "" = F:\SoftwareManual.exe -- [2010.06.02 23:47:54 | 000,176,775 | RHS- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.15 14:44:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2010.08.15 13:07:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2010.08.15 13:07:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.15 13:07:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.15 13:07:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.15 13:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.15 13:00:34 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup.exe
[2010.08.12 18:07:48 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.08.12 18:06:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\xjlrvmktc
[2010.08.12 18:05:39 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Roaming\lowsec
[2010.08.10 21:21:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.10 21:21:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.08.10 21:21:55 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.10 21:21:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.10 21:21:55 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.10 21:21:55 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.10 21:21:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.08.10 21:21:55 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.10 21:21:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.08.10 21:21:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.08.10 21:21:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.08.10 21:21:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.08.10 21:21:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.10 21:21:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.10 21:21:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.10 21:20:10 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.10 21:20:09 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.10 21:20:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.10 21:20:03 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.10 21:20:02 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.08 14:01:15 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\musik-oma
[2010.08.07 11:13:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\PhotoScape
[2010.08.04 20:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.04 19:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.01 22:59:28 | 000,000,000 | ---D | C] -- C:\LogiShrd
[2010.08.01 22:59:28 | 000,000,000 | ---D | C] -- \LogiShrd
[2010.07.21 00:39:23 | 000,000,000 | RHSD | C] -- C:\RECYCLER
[2010.07.21 00:39:23 | 000,000,000 | RHSD | C] -- \RECYCLER
[2006.12.06 02:03:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.15 14:49:45 | 000,783,872 | ---- | M] () -- C:\Windows\System32\drivers\yhppk.sys
[2010.08.15 14:45:46 | 002,883,584 | -HS- | M] () -- C:\Users\User\ntuser.dat
[2010.08.15 14:44:16 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2010.08.15 14:31:40 | 001,472,290 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.15 14:31:40 | 000,628,198 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.15 14:31:40 | 000,603,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.15 14:31:40 | 000,129,708 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.15 14:31:40 | 000,107,150 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.15 14:27:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.15 14:23:57 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 14:23:57 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.15 14:23:50 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.15 14:23:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.15 14:22:45 | 000,524,288 | -HS- | M] () -- C:\Users\User\ntuser.dat{a56621ca-c39f-11de-8e79-0016d466085a}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 14:22:45 | 000,065,536 | -HS- | M] () -- C:\Users\User\ntuser.dat{a56621ca-c39f-11de-8e79-0016d466085a}.TM.blf
[2010.08.15 13:07:14 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.15 13:00:36 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup.exe
[2010.08.15 12:58:42 | 000,002,853 | ---- | M] () -- C:\Users\User\AppData\Local\azodemad.dll
[2010.08.15 12:38:40 | 000,002,853 | ---- | M] () -- C:\Users\User\AppData\Local\isajofoy.dll
[2010.08.15 11:57:44 | 000,002,853 | ---- | M] () -- C:\Users\User\AppData\Local\adatugapojuy.dll
[2010.08.15 11:22:29 | 000,002,853 | ---- | M] () -- C:\Users\User\AppData\Local\emuqajac.dll
[2010.08.15 10:57:07 | 000,001,356 | ---- | M] () -- C:\Users\User\AppData\Local\d3d9caps.dat
[2010.08.12 18:32:05 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.10 21:44:18 | 000,276,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.10 21:30:36 | 000,000,118 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010.08.08 22:00:53 | 000,041,984 | ---- | M] () -- C:\Users\User\Documents\Es war spät am Abend als wir endlich in dem kleinen bescheidenen Dorf Girlan in Südtirol ankamen.doc
[2010.07.26 01:05:02 | 000,000,211 | --S- | M] () -- C:\Users\User\AppData\Local\4149341980.dat
[2010.07.20 01:02:15 | 000,079,360 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2010.08.15 13:07:14 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.15 12:58:41 | 000,002,853 | ---- | C] () -- C:\Users\User\AppData\Local\azodemad.dll
[2010.08.15 12:38:40 | 000,002,853 | ---- | C] () -- C:\Users\User\AppData\Local\isajofoy.dll
[2010.08.15 11:57:44 | 000,002,853 | ---- | C] () -- C:\Users\User\AppData\Local\adatugapojuy.dll
[2010.08.15 11:22:29 | 000,002,853 | ---- | C] () -- C:\Users\User\AppData\Local\emuqajac.dll
[2010.08.12 18:07:44 | 000,783,872 | ---- | C] () -- C:\Windows\System32\drivers\yhppk.sys
[2010.08.10 21:30:36 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.08.08 19:48:35 | 000,041,984 | ---- | C] () -- C:\Users\User\Documents\Es war spät am Abend als wir endlich in dem kleinen bescheidenen Dorf Girlan in Südtirol ankamen.doc
[2010.07.26 01:04:00 | 000,000,211 | --S- | C] () -- C:\Users\User\AppData\Local\4149341980.dat
[2010.07.26 01:04:00 | 000,000,000 | R--- | C] () -- C:\Users\User\AppData\Roaming\eIg6L.txt
[2009.12.24 16:04:32 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.11.16 09:08:00 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.06.20 10:36:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.07 21:38:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.05.07 21:36:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.05.07 21:35:37 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.01.20 11:19:15 | 000,016,395 | ---- | C] () -- C:\Windows\System32\msdx92.dll
[2008.12.01 13:51:50 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008.07.28 17:30:12 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.07.26 09:25:02 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.07.14 13:25:40 | 000,091,072 | ---- | C] () -- C:\Windows\System32\RoseCo2.dll
[2007.10.22 08:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2007.10.22 08:53:12 | 000,466,944 | ---- | C] () -- C:\Windows\RemoveDevice.dll
[2007.05.22 21:17:54 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.05.21 15:35:24 | 000,000,057 | ---- | C] () -- C:\Windows\init.ini
[2007.05.16 01:53:10 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007.05.15 18:21:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007.05.15 18:21:06 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007.05.15 18:20:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007.05.15 18:11:34 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2006.12.06 10:54:58 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006.12.06 09:11:58 | 000,000,103 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006.12.06 09:11:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006.12.06 09:11:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.12.06 02:12:22 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2006.12.06 02:03:36 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006.12.06 02:01:58 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006.12.06 01:58:29 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2006.11.16 13:20:38 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2006.11.16 13:20:20 | 000,200,704 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2006.11.16 13:20:10 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2006.11.16 13:19:10 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MSNChatHook.dll
[2006.11.16 13:19:04 | 000,123,904 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2006.11.16 13:18:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2006.11.16 13:18:50 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006.11.16 13:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
< End of report >
         
--- --- ---


and then the second one

Log Extras:

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 15.08.2010 14:47:32 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\User\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
893,00 Mb Total Physical Memory | 504,00 Mb Available Physical Memory | 56,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 52,14 Gb Total Space | 10,36 Gb Free Space | 19,88% Space Free | Partition Type: NTFS
Drive D: | 51,84 Gb Total Space | 49,51 Gb Free Space | 95,50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 95,92 Mb Total Space | 58,74 Mb Free Space | 61,23% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: USER-PC
Current User Name: User
Logged in as Administrator.
 
Current Boot Mode: SafeMode
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- D:\Handy W810i\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C1A005-AAB9-4E3D-805D-2FE8980C4644}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{0CB60CE4-17C6-45B8-94E4-80801AC9956B}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | 
"{11530858-BC9B-46FC-AB93-235C36736BC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{18CE396A-AA44-4DEC-AAE8-C4B97623E3F1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1E93A1A6-B1A1-431E-B938-79363550D56D}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{2597B8F4-0F8E-49A7-B9AF-9DEE2DA0C546}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{2767F353-608E-4F46-9B36-C3FFDAAC7BCC}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{2E7D4EA3-3118-4E86-83D9-809A66A71DAB}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{31E86C7C-DA51-4178-BAC3-9D5BF257F47D}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | 
"{3658A206-FE68-4625-93A4-C17BAE55C926}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3C3AC825-CCFC-4C09-B3B0-4A7BA49A15C7}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{3D3B4A78-DF7D-4CED-B1A8-BF20632A8F8E}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | 
"{3D84694F-F5A8-40C8-8787-1821753AFAE5}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{433C4897-9F29-493F-8D5D-C0B16F3A20D4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{43ACE2DC-A1EB-423A-BB80-5E400EED0671}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{48D65E28-6C6D-4E46-A50D-C245A043747A}" = rport=5357 | protocol=6 | dir=out | app=system | 
"{4AE1EB36-BFDD-4741-9D3F-9A64054A78F6}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | 
"{4C772D59-4044-474F-BF9A-37535EA7D71F}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{503995DF-47FE-494E-AE46-1F605E83D2A2}" = lport=5358 | protocol=6 | dir=in | app=system | 
"{589E83E8-30E7-44A9-BFA7-A2DC91BF2DE0}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | 
"{5C9EF325-9974-478F-9ED3-A6696C5C7FE5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{78CFA978-F370-42C9-9CDF-7B9FF4993868}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{8357220B-C9C0-4F64-A719-D48BE97FC9BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{85007113-6B16-4BE7-BE1C-53A560F098D5}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | 
"{871884CC-5B23-4D00-9296-B1ADE834649A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9299A9EA-7CC7-446A-897D-341F205E4EEF}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{9A3E4E1B-AB9D-4175-AB6F-74657CF96C95}" = lport=5357 | protocol=6 | dir=in | app=system | 
"{9CBDFA05-7559-419A-B3F5-DA74CE689D9A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ABB8C9E1-D591-4BAF-AA8A-F94F30A81C32}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{B04B1DC4-FAB4-47CB-99C1-94BAB54E4431}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{B2398453-59F4-40D8-B151-FCF70355DD5C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{BE48072F-B1F5-4500-B2DE-B5FEAF87A96B}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | 
"{BE6C1039-825E-44A6-A5B9-9C3359EEF984}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DD6B947C-6A0D-408F-B4A5-C0A203C1BB23}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | 
"{EF52834E-37E0-44A1-B5CD-E8E1FE15DF5B}" = rport=5358 | protocol=6 | dir=out | app=system | 
"{F28B3BB7-A9C2-40C5-B242-F2A6C0EAA7D8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{F2B5CC61-53E9-43A9-88E7-0E0E3856165B}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{F37A50E8-203A-454F-97FF-08BE209114BD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063D8B9A-7D13-4BDA-A5A4-E93D636AFE73}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{079543CC-C9CD-4D67-9936-6517C37B447A}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{216D1941-F04F-4732-9B62-ABC4961FC2DF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2A4DA450-59AA-4FAA-9C65-2AD28E0E677C}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{381FBB05-D109-470A-8541-CB750A70162E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{3DCE08E0-7637-4B1E-A4AF-D67E16662155}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{412BE592-0473-4240-BCD7-A35DD426D80E}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{4A042480-42DC-48B4-AD6E-00F9797553D3}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{4F3763A4-3DF3-4D0D-9A28-C0146A4DE2AF}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | 
"{5A48FEE6-7DFA-423B-821B-6572F7790948}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | 
"{5C19EC2F-8010-4457-97E4-DCE010A9759D}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | 
"{5C2A84FC-5594-4B2F-95FE-13A530F63BA8}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{6FA44D5B-FC6F-4E26-A39D-82AACF4C2F7E}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{740D02B0-4E04-42E7-8D89-394B073ED772}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{768C1C06-796A-4C67-A1F3-D9C2F3951FC6}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{77298F48-CCD0-45A5-AAEC-CE02EC835106}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | 
"{799BBDB0-F2F7-4C23-A937-EF33F26911DA}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | 
"{8084F342-9B06-49D8-BD33-51B2FA9CCCF9}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | 
"{8A892C74-8DB9-4DD9-9F7F-CA1CB9EFC2D3}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{8F89C7A7-A248-4028-A374-AC1825C8B693}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{923ED53D-37E9-4626-A50B-DA7A48D1EBE6}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{9954689B-2EC5-4940-B9B8-F2F2D804503B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{9AA4D901-AE2C-4013-AA5F-4A2AA9F13C6D}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | 
"{9F2CB88B-D012-4429-8171-3EE2378C1902}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{A0325167-64A8-486F-AC06-7A4564052DB4}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{A299E0E1-7EBB-43D3-B0F3-48CCFC186943}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{A7C457A7-E740-4C09-B878-DBB3387D481E}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | 
"{B034AD1E-776F-4B0D-8993-52CCC9D58E1C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{B352B1EC-5305-481D-BC9E-0DB07407975D}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{BC2D79DC-6B78-4063-8697-9B7A12EFFD04}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | 
"{BD9A4E84-E536-4187-A867-9161166C9CBE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{BF76B27B-A42E-48B1-BDCA-9303F052AAA9}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{C1BF3BD8-0127-4850-BEFA-CFC7F3093D13}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | 
"{C5F6DC72-C429-4462-9E73-62E916A0B740}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
"{C92D0143-F3FC-4129-B458-B52624F1EA86}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"{E071C3D7-1FB5-44CF-B843-7B3750F630E7}" = dir=in | app=c:\program files\msn messenger\livecall.exe | 
"{E71B54A8-2669-418C-ADA4-CDBF67A5E33B}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | 
"{EDC73BB8-1F93-47BF-8784-EDDBA0F0BD9A}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe | 
"{EEC1CA74-38B1-4A51-A067-B00967D935D0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
"TCP Query User{0C3EB00C-26EC-4F7D-963E-BF19EBE9EEC1}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe | 
"TCP Query User{23C2CABE-5BFC-4CB6-BF86-9CFF79BE7166}D:\world of warcraft\wow-1.12.0-dede-downloader.exe" = protocol=6 | dir=in | app=d:\world of warcraft\wow-1.12.0-dede-downloader.exe | 
"TCP Query User{26B320B1-811A-4707-8472-FFF06BBE4F8D}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe | 
"TCP Query User{270BD754-E9E9-4F20-96C2-3B7BF54F7EE2}D:\hauptordner icq 6\icq6\icq.exe" = protocol=6 | dir=in | app=d:\hauptordner icq 6\icq6\icq.exe | 
"TCP Query User{3A9B7F55-AEF4-45AF-BB16-27F73A7AC643}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{3C64F2C0-2046-4421-96B9-B931F86F58A4}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
"TCP Query User{3E589AED-71D4-4D3E-84CA-636A2289EBF8}D:\hauptordner icq 6\icq6\icq.exe" = protocol=6 | dir=in | app=d:\hauptordner icq 6\icq6\icq.exe | 
"TCP Query User{43AE5F19-CF20-4605-BAFA-AA11A855602D}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{456198EB-C4BA-4E15-B35E-2D36D4E718D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{55DC67C0-197B-4555-A597-A5D3FDC81C02}C:\program files\t-online\t-online_software_6\internet-telefon\phone.exe" = protocol=6 | dir=in | app=c:\program files\t-online\t-online_software_6\internet-telefon\phone.exe | 
"TCP Query User{65AB8EF6-92B4-41E5-91AA-5F7DA4C55357}D:\hauptordner icq 6\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\hauptordner icq 6\icq6.5\icq.exe | 
"TCP Query User{6952B066-1F06-4081-A65A-3557D7E0A1DF}C:\users\user\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\imvuclient\1vivoxvoice.exe | 
"TCP Query User{724A9428-20DF-49A7-B003-7777239F444E}D:\hauptordner icq 6\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\hauptordner icq 6\icq6.5\icq.exe | 
"TCP Query User{7C5FDB3C-82B4-4EE9-95B7-9C12FA1182D0}D:\haushaltsbuch-speicher\_adv.exe" = protocol=6 | dir=in | app=d:\haushaltsbuch-speicher\_adv.exe | 
"TCP Query User{7EA2B172-36E5-4768-8A03-17FAC29279D7}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe | 
"TCP Query User{876CAFA0-4115-436B-BFF9-4C4A7FCA652C}C:\program files\joost\xulrunner\tvprunner.exe" = protocol=6 | dir=in | app=c:\program files\joost\xulrunner\tvprunner.exe | 
"TCP Query User{A978A757-8961-4C4D-AAA7-4FAA56C01C83}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{B5E8D014-DDF3-4C23-AFC8-2926895BB007}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{C62119A1-7342-4397-B11F-0998A1D96F3B}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"TCP Query User{DBD22E8A-5C27-487F-BED8-150371E912FC}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
"TCP Query User{F2ED1C43-5893-431E-AEC2-8EAB7CA122A5}C:\program files\paradox interactive\hearts of iron 2\hoi2.exe" = protocol=6 | dir=in | app=c:\program files\paradox interactive\hearts of iron 2\hoi2.exe | 
"UDP Query User{08B55CBE-A464-4CB8-ACC6-37960F94F8AE}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{2BD3B381-21E8-4B8D-9EA9-5C36CE2D4041}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe | 
"UDP Query User{33D1C41F-9759-4F6E-8D32-B304670C3A37}D:\hauptordner icq 6\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\hauptordner icq 6\icq6.5\icq.exe | 
"UDP Query User{34788E95-6BA3-4E68-A77C-EBE1A4CB0DBE}C:\users\user\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\imvuclient\1vivoxvoice.exe | 
"UDP Query User{37B8460B-8A0D-4CC3-9B3C-39BB6110A585}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{45A685D2-5051-46B6-A011-5C538E562644}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{464251CC-ABD1-4693-8450-5FE5EECE52CA}C:\program files\t-online\t-online_software_6\internet-telefon\phone.exe" = protocol=17 | dir=in | app=c:\program files\t-online\t-online_software_6\internet-telefon\phone.exe | 
"UDP Query User{51F4A122-A668-4937-BE8E-F7D92FA360B5}D:\hauptordner icq 6\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\hauptordner icq 6\icq6.5\icq.exe | 
"UDP Query User{537F6239-B9A4-4347-BFA3-3B38588DF39D}D:\haushaltsbuch-speicher\_adv.exe" = protocol=17 | dir=in | app=d:\haushaltsbuch-speicher\_adv.exe | 
"UDP Query User{5518203E-BD73-418A-AA2B-573370BF3B3A}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{58FC73E8-2AA9-4C46-AEE3-9065FDDC9F81}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{5F330336-B9F8-40BE-90A6-05D9C2729658}D:\hauptordner icq 6\icq6\icq.exe" = protocol=17 | dir=in | app=d:\hauptordner icq 6\icq6\icq.exe | 
"UDP Query User{797DB354-9AEC-42CC-9A94-1389FC6737C4}D:\hauptordner icq 6\icq6\icq.exe" = protocol=17 | dir=in | app=d:\hauptordner icq 6\icq6\icq.exe | 
"UDP Query User{9995ED87-0326-40F7-A3E7-681120196B7A}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe | 
"UDP Query User{CAFC431E-81CC-4FDE-A0DC-D735C366688D}C:\program files\paradox interactive\hearts of iron 2\hoi2.exe" = protocol=17 | dir=in | app=c:\program files\paradox interactive\hearts of iron 2\hoi2.exe | 
"UDP Query User{CBCBBA6C-9B77-45DD-A35A-4D4576CAF4EE}C:\program files\joost\xulrunner\tvprunner.exe" = protocol=17 | dir=in | app=c:\program files\joost\xulrunner\tvprunner.exe | 
"UDP Query User{D0F8F92B-E0DD-477E-98C2-64899A0848E6}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe | 
"UDP Query User{D8C5E959-AF2E-4A07-AB40-3E1AEDB10105}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{DA9E5DE3-43CF-485C-BA52-D14CBF7172FE}D:\world of warcraft\wow-1.12.0-dede-downloader.exe" = protocol=17 | dir=in | app=d:\world of warcraft\wow-1.12.0-dede-downloader.exe | 
"UDP Query User{DBFAB41C-B47B-4EBC-A890-330AFBD7CBED}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe | 
"UDP Query User{E422A87F-4883-457B-BD37-B183291AE982}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0093DFA0-5062-CA37-A1F9-9DCBE3E40045}" = ccc-core-static
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0622BD28-3CD8-2D6F-0233-F705A02C0564}" = ccc-utility
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1CA2F1E3-8C8B-387B-5ECC-6FC494D1AC49}" = Catalyst Control Center Graphics Previews Common
"{1F8AE5F3-DCF7-1911-427B-E23AE9385FF8}" = ATI Catalyst Install Manager
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{37FD2F04-EC91-41AE-B5AB-AFF904BF20EE}" = Mobile Broadband Drivers
"{3AB2F8DF-F905-44F9-8003-C81FEE95BC2B}" = Communication Center
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F02AAF6-3E2A-F09D-2E09-A94CFBFA16A3}" = Catalyst Control Center Graphics Previews Vista
"{44AFDB86-1509-4CDC-9B2E-1C73B2DEE5F0}" = Mobile Broadband Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{647CB822-0C48-4487-5780-8757D9B2BBAC}" = Catalyst Control Center Graphics Light
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{98786147-80E3-41A5-A80C-1F3C028558CF}" = Hearts of Iron 2
"{9B5EB3A9-4F86-F06B-5B7A-5F287C5C3766}" = Catalyst Control Center Graphics Full Existing
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB3B4056-4539-485E-A996-3B52480AA4B7}" = GT HSDPA driver installer
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda 5.5.0
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4E7920-E04D-1A04-51B8-14FAB63DD6B7}" = Skins
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D1B598DE-0264-4377-9328-174171CB715F}" = Catalyst Control Center Core Implementation
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E75450F4-D97C-41BA-926E-F03ABC331A9F}" = Catalyst Control Center Graphics Full New
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"7-Zip" = 7-Zip 4.32
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"G-Force" = G-Force
"Hamachi" = Hamachi 1.0.3.0
"Huawei Modems" = Huawei modem
"ICQToolbar" = ICQ Toolbar
"lvdrivers_11.80" = Logitech QuickCam-Treiberpaket
"MAGIX Music Maker 15 Premium D" = MAGIX Music Maker 15 Premium 15.0.0.19 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Novatel_V20025Installer" = Novatel driver package V2.00.25
"Novatel_V20051Installer" = Novatel driver package V2.00.51
"Nvu_is1" = Nvu 1.0
"OptionPCCardInstaller" = Option Fusion Card driver, Ricola v 2.0.0.0
"OptionPCCardInstaller_tmcc" = Option PC Cards driver package
"OptionPluss_PCCardInstaller" = Option Fusion+ Card driver, Nozomi v 2.1.1.112
"PhotoScape" = PhotoScape
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SearchAnonymizer" = SearchAnonymizer
"ShockwaveFlash" = Macromedia Flash Player 8
"Sierra Wireless AirCards" = Sierra Wireless AirCards
"ST6UNST #1" = BEWERBUNGSMASTER
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.6
"Warcraft III" = Warcraft III
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.08.2008 10:47:52 | Computer Name = User-PC | Source = Perflib | ID = 1005
Description = 
 
Error - 15.08.2008 10:47:52 | Computer Name = User-PC | Source = Perflib | ID = 1018
Description = 
 
Error - 15.08.2008 10:47:53 | Computer Name = User-PC | Source = Perflib | ID = 1008
Description = 
 
Error - 15.08.2008 14:44:07 | Computer Name = User-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 20.08.2008 03:57:59 | Computer Name = User-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 20.08.2008 04:00:27 | Computer Name = User-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 25.08.2008 11:01:24 | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = Programm SndVol.exe, Version 6.0.6001.18000 arbeitet nicht mehr mit
 Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: a34  Anfangszeit: 01c90512b7b4e91d  Zeitpunkt
 der Beendigung: 36
 
Error - 29.08.2008 08:58:16 | Computer Name = User-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 29.08.2008 10:52:04 | Computer Name = User-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 29.08.2008 10:52:15 | Computer Name = User-PC | Source = RasClient | ID = 20227
Description = 
 
[ System Events ]
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 15.08.2010 08:28:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         
--- --- ---


I hope you can help me :'(

Alt 15.08.2010, 19:52   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
Datenbank Version: 4052
You did not update Malwarebytes beforehand. Please update and run a full scan.

Alt 15.08.2010, 20:59   #3
lavalampe92
 



But I did download the latest version, though from a different computer, and then moved it via USB stick onto the desktop of my laptop.
I can't do any updates because I can't get an internet connection :-(
What now?

Alt 15.08.2010, 21:31   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Download the setup for a manual update => Manual database update - Malwarebytes Forum
__________________
Please always post log files in CODE tags
