| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Mein Pc macht was er willWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.11.2010, 19:26
| #1 |
| |  Mein Pc macht was er will Hallo liebes Trojaner Board ich bin neu hier habe schon öfters in eurem board hilfreiche tipps gelesen hier mein problem : Gestern habe ich ganz normal musik gehört mid WMP 12 , als ich in der wiedergabeliste scrollte um ein anderes lied anzuklicken fuhr der Balcken ständig rauf und runter, startete das lied und pausierte es das ging einige zeit dann ging es wieder ohne probleme. Als ich heute den PC startete ging alles wieder ohne probleme später im I-net klickte ich ein bild an und es öffnete sich auch ohne weiteres doch als ich das bild schließen wollte gib es immer wieder auf das ging so lange bis ich das forum in dem das bild war schloss  später bei einem anderen bild war es auch wieder so ?!??!?!? Plötzlich find der WMP wieder an zu spinnen Pause Play ganz schnell hinter einander dann steckte ich das wlan aus um anti vir durchlaufen zu lassen plötzlich dann schaltete ich den pc aus und wieder an am anfang ca 1 min ging er auch wie gewohnt doch als ich anti vir öffnen wollte zeigte er nur das ladesymbol der maus (kreis ) strg+alt+entf ging auf minimierte sich aber sofort und lies sich auf nicht wieder maximieren da die taskleiste gar nicht reagierte papierkorb usw. öffnen sich plötzlich mit nur einem mausklick ( öffnen und schließen sich ganz schnell ) bilder auch  kann mir bitte jemand helfen ich weiß nicht mehr was ich machen soll kann es vill an meiner maus oder tastatur liegen ?? sorry für den langen text |
|
29.11.2010, 19:39
| #2 |
| /// Malware-holic   | Mein Pc macht was er will ootl:
__________________Systemscan mit OTL download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten.
__________________ |
|
29.11.2010, 21:25
| #3 |
| | Mein Pc macht was er will OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 29.11.2010 21:01:35 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Flo\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 43,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1397,17 Gb Total Space | 521,18 Gb Free Space | 37,30% Space Free | Partition Type: NTFS Drive K: | 1,88 Gb Total Space | 1,63 Gb Free Space | 86,81% Space Free | Partition Type: FAT Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe () PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) PRC - C:\Users\Flo\Desktop\OTL.exe (OldTimer Tools) < End of report > die extras datei wurde nicht erstellt da sich das program ständig aufhing ständig öffnete sich ein neues textdokument mindestens 1000 mal hintereinander ??? was ist das ? ich werde versuchen das mit otl noch mal zu versuchen |
|
30.11.2010, 12:08
| #4 |
| /// Malware-holic | Mein Pc macht was er will versuch otl noch mal, woher soll ich wissen was sich da geöffnet hatt, weis ja nicht was drinnen stand, normalerweise gibts nur 2 dokumente.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
30.11.2010, 18:17
| #5 |
| | Mein Pc macht was er will später gingsOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.11.2010 21:39:21 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Flo\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 35,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 520,37 Gb Free Space | 37,24% Space Free | Partition Type: NTFS
Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1376234205-2010080528-2110422081-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4F77F6EE-2C99-49F7-940A-2E9C208C3BE2}" = Paint.NET v3.5.2
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{52E26953-00EF-42B3-A075-A57E86A38D07}" = File Rescue Plus
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76A232AF-B7D6-41A4-B795-6B355E6D32B1}" = Tom Clancy's H.A.W.X. 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4E4ACA0-79C5-4FC0-818F-ECE4521EBF8D}" = COMPUTERBILD-Abzockschutz
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AgataSoft ShutDown Pro_is1" = AgataSoft ShutDown Pro 2.9
"Anti-Twin 2010-08-24 13.13.34" = Anti-Twin (Installation 24.08.2010)
"Any Video Converter_is1" = Any Video Converter 3.0.3
"Atomic RAR Password Recovery_is1" = Atomic RAR Password Recovery 1.20
"Avira AntiVir Desktop" = Avira AntiVir Premium
"Bouncing Balls_is1" = Bouncing Balls 1.1.0
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Drakensang_is1" = Drakensang
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Frozen-Bubble_is1" = Frozen-Bubble 1.0
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"ICQToolbar" = ICQ Toolbar
"InstallShield_{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.5.1 (Full)
"Loki" = Loki
"Loki_is1" = Loki
"Mafia II_is1" = Mafia II
"Medal of Honor Limited Edition 2010 3.02" = Medal of Honor Limited Edition 2010 3.02
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mp3tag" = Mp3tag v2.45a
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"Picasa 3" = Picasa 3
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6
"StarCraft II" = StarCraft II
"Trillian" = Trillian
"TuneUp Utilities" = TuneUp Utilities
"Two Worlds II" = Two Worlds II
"VLC media player" = VLC media player 1.1.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"Worms Reloaded_is1" = Worms Reloaded
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1376234205-2010080528-2110422081-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"CursorFX" = CursorFX
"Facebook Plug-In" = Facebook Plug-In
"InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition
"Mask Surf Pro" = Mask Surf Pro
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 29.11.2010 13:54:41 | Computer Name = Flo-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 29.11.2010 14:37:46 | Computer Name = Flo-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 29.11.2010 15:42:19 | Computer Name = Flo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OTL.exe, Version: 0.0.0.0, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002f1a7 ID des fehlerhaften Prozesses:
0xcb4 Startzeit der fehlerhaften Anwendung: 0x01cb8ffc144de887 Pfad der fehlerhaften
Anwendung: I:\DCIM\OTL.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
c6712bbc-fbf0-11df-807c-90e6baf05262
Error - 29.11.2010 15:59:09 | Computer Name = Flo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OTL.exe, Version: 3.2.17.3, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002eaea ID des fehlerhaften Prozesses:
0x720 Startzeit der fehlerhaften Anwendung: 0x01cb8ffd9ad1e54c Pfad der fehlerhaften
Anwendung: C:\Users\Flo\Desktop\OTL.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
20b23337-fbf3-11df-807c-90e6baf05262
Error - 29.11.2010 16:00:27 | Computer Name = Flo-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.17.3 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1190 Startzeit:
01cb8ffff2279117 Endzeit: 3 Anwendungspfad: C:\Users\Flo\Desktop\OTL.exe Berichts-ID:
Error - 29.11.2010 16:01:56 | Computer Name = Flo-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.17.3 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 13fc Startzeit:
01cb9000137fd255 Endzeit: 3 Anwendungspfad: C:\Users\Flo\Desktop\OTL.exe Berichts-ID:
817312a5-fbf3-11df-807c-90e6baf05262
Error - 29.11.2010 16:08:55 | Computer Name = Flo-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3951 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ad0 Startzeit:
01cb8ff481023cf0 Endzeit: 2 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
73bae252-fbf4-11df-807c-90e6baf05262
Error - 29.11.2010 16:11:34 | Computer Name = Flo-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.17.3 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1524 Startzeit:
01cb900048bb766f Endzeit: 2 Anwendungspfad: C:\Users\Flo\Desktop\OTL.exe Berichts-ID:
Error - 29.11.2010 16:13:29 | Computer Name = Flo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OTL.exe, Version: 3.2.17.3, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002eaea ID des fehlerhaften Prozesses:
0x1398 Startzeit der fehlerhaften Anwendung: 0x01cb9001a31ebb2a Pfad der fehlerhaften
Anwendung: C:\Users\Flo\Desktop\OTL.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
20f0b6f6-fbf5-11df-807c-90e6baf05262
Error - 29.11.2010 16:20:36 | Computer Name = Flo-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OTL.exe, Version: 3.2.17.3, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel:
0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002f1a7 ID des fehlerhaften Prozesses:
0x1360 Startzeit der fehlerhaften Anwendung: 0x01cb90026a9734ae Pfad der fehlerhaften
Anwendung: C:\Users\Flo\Desktop\OTL.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
1fcac9e2-fbf6-11df-807c-90e6baf05262
[ Media Center Events ]
Error - 19.07.2010 11:15:06 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 17:15:04 - Fehler beim Herstellen der Internetverbindung. 17:15:04
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 21:35:13 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 03:35:13 - Fehler beim Herstellen der Internetverbindung. 03:35:13
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 21:35:45 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 03:35:42 - Fehler beim Herstellen der Internetverbindung. 03:35:42
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 22:36:16 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 04:36:16 - Fehler beim Herstellen der Internetverbindung. 04:36:16
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 22:36:46 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 04:36:45 - Fehler beim Herstellen der Internetverbindung. 04:36:45
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 23:37:17 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 05:37:17 - Fehler beim Herstellen der Internetverbindung. 05:37:17
- Serververbindung konnte nicht hergestellt werden..
Error - 22.07.2010 23:37:47 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 05:37:46 - Fehler beim Herstellen der Internetverbindung. 05:37:46
- Serververbindung konnte nicht hergestellt werden..
Error - 22.09.2010 14:00:26 | Computer Name = Flo-PC | Source = MCUpdate | ID = 0
Description = 20:00:24 - Fehler beim Herstellen der Internetverbindung. 20:00:24
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 21.06.2010 12:31:13 | Computer Name = Flo-PC | Source = bowser | ID = 8003
Description =
Error - 21.06.2010 12:43:13 | Computer Name = Flo-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2010 15:53:01 | Computer Name = Flo-PC | Source = bowser | ID = 8003
Description =
Error - 24.06.2010 16:01:03 | Computer Name = Flo-PC | Source = bowser | ID = 8003
Description =
Error - 25.06.2010 20:32:07 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
nicht richtig heruntergefahren werden.
Error - 28.06.2010 16:01:24 | Computer Name = Flo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 28.06.2010 16:01:25 | Computer Name = Flo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 28.06.2010 16:01:25 | Computer Name = Flo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 28.06.2010 16:01:26 | Computer Name = Flo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 28.06.2010 16:01:26 | Computer Name = Flo-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.11.2010 21:39:21 - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Flo\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 35,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1397,17 Gb Total Space | 520,37 Gb Free Space | 37,24% Space Free | Partition Type: NTFS Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe () PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) PRC - C:\Users\Flo\Desktop\OTL.exe (OldTimer Tools) ========== Modules (SafeList) ========== MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Users\Flo\Desktop\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV:64bit: - (traffixad) -- C:\Windows\SysNative\netmngr.exe File not found SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found SRV:64bit: - (KMService) -- C:\Windows\SysNative\srvany.exe File not found SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.) SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\wg111v3.sys (NETGEAR Inc. ) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.) DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (vcd10bus) -- C:\Windows\SysNative\drivers\vcd10bus.sys (H+H Software GmbH) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys () DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl (CyberLink Corp.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1376234205-2010080528-2110422081-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1376234205-2010080528-2110422081-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.1 FF - prefs.js..extensions.enabledItems: {d49175b3-3fd8-43b8-b28e-da5d47f3c398}:1.0.29 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {d9b25e30-c1cf-11de-8a39-0800200c9a66}:3.6.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.11.20 02:02:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.20 02:02:30 | 000,000,000 | ---D | M] [2009.12.26 10:09:06 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions [2010.11.29 17:35:42 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions [2010.08.15 10:01:55 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.08.27 23:24:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.07.25 19:12:01 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2010.08.27 23:24:06 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} [2010.04.18 10:03:16 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d9b25e30-c1cf-11de-8a39-0800200c9a66} [2010.07.14 16:12:17 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2010.07.14 16:12:21 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010.04.18 10:03:16 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\askopensearch-VTS@ask.com [2010.04.18 10:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d9b25e30-c1cf-11de-8a39-0800200c9a66}\chrome\mac\browser\extensions [2010.04.18 10:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d9b25e30-c1cf-11de-8a39-0800200c9a66}\chrome\mac\mozapps\extensions [2010.04.18 10:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d9b25e30-c1cf-11de-8a39-0800200c9a66}\chrome\win\browser\extensions [2010.04.18 10:03:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\2580zwcu.default\extensions\{d9b25e30-c1cf-11de-8a39-0800200c9a66}\chrome\win\mozapps\extensions [2010.03.21 17:31:15 | 000,002,059 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\FireFox\Profiles\2580zwcu.default\searchplugins\daemon-search.xml [2010.11.28 11:02:47 | 000,000,944 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\FireFox\Profiles\2580zwcu.default\searchplugins\icqplugin.xml [2010.11.29 19:39:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.01.30 19:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.08.16 11:11:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.11.20 02:02:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.11.20 02:02:28 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.11.20 02:02:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.11.20 02:02:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.11.20 02:02:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.08.07 10:00:05 | 000,415,969 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14356 more lines... O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKU\S-1-5-21-1376234205-2010080528-2110422081-1001..\Run: [Antivirus Control Center] C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH) O4 - HKU\S-1-5-21-1376234205-2010080528-2110422081-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1376234205-2010080528-2110422081-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\SysWow64\StikyNot.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{55ac3635-f161-11de-b8d4-90e6baf05262}\Shell - "" = AutoRun O33 - MountPoints2\{55ac3635-f161-11de-b8d4-90e6baf05262}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: mfpmerpt - (C:\Windows\system32\compexec.dll) - C:\Windows\SysWow64\compexec.dll File not found O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) MsConfig:64bit - StartUpReg: SoundMax - hkey= - key= - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (hxxp://www.mp3dev.org/) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll () Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.tscc - C:\Windows\SysWow64\tsccvid.dll (TechSmith Corporation) Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2010.11.29 20:32:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Flo\Desktop\OTL.exe [2010.11.28 20:01:44 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\tom dokus [2010.11.25 18:06:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2010.11.25 17:43:45 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\Logitech [2010.11.24 17:42:08 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint [2010.11.24 17:42:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.11.23 20:16:36 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Die.Simpsons.S21E04.German.Dubbed.HDTV.XviD-ITG [2010.11.21 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Neuer Ordner (2) [2010.11.21 11:55:14 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\Darksiders [2010.11.20 12:07:11 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Zeitschriften [2010.11.13 13:28:27 | 000,000,000 | R--D | C] -- C:\Users\Flo\Desktop\2004 Ahnenerbe EP [2010.11.13 13:16:24 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\2003 Die Wacht - Nehmt Mir Das Licht (split) [2010.11.13 13:11:53 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\2005 Hyperborea EP [2010.11.11 17:32:43 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\Two Worlds II [2010.11.09 23:26:43 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Neuer Ordner [2010.11.09 22:02:56 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2010.11.09 22:02:56 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2010.11.09 22:02:56 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2010.11.09 22:02:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2010.11.09 22:02:55 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2010.11.09 22:02:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2010.11.09 22:02:53 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2010.11.09 22:02:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2010.11.09 22:02:52 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2010.11.09 22:02:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2010.11.09 22:02:51 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2010.11.09 22:02:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2010.11.09 22:02:51 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2010.11.09 22:02:51 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2010.11.09 22:02:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2010.11.09 22:02:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2010.11.09 22:02:47 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2010.11.09 22:02:47 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2010.11.09 22:02:47 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2010.11.09 22:02:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2010.11.09 22:02:45 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2010.11.09 22:02:45 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2010.11.09 22:02:44 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2010.11.09 22:02:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2010.11.07 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Novel Games [2010.11.06 09:20:27 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.11.05 17:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SugarGames [2010.11.05 14:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Playrix Entertainment [2010.11.01 18:33:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2010.02.25 16:37:46 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Flo\AppData\Roaming\pcouffin.sys [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Flo\*.tmp files -> C:\Users\Flo\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.29 21:32:57 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.29 21:32:57 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.29 20:56:09 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.29 20:44:38 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.11.29 20:44:38 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.11.29 20:44:38 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.11.29 20:44:38 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.11.29 20:44:38 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.11.29 18:56:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.29 18:54:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.29 18:54:06 | 3214,237,696 | -HS- | M] () -- C:\hiberfil.sys [2010.11.29 18:23:09 | 038,931,041 | ---- | M] () -- C:\Users\Flo\Desktop\2009_DICTATOR_-_A_MONUMENT_OF_GLORY.rar.part [2010.11.25 22:14:22 | 000,000,152 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\default.pls [2010.11.25 17:43:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010.11.25 17:43:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010.11.25 17:27:44 | 000,445,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.11.24 17:42:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2010.11.22 17:30:26 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010.11.18 19:53:58 | 001,550,533 | ---- | M] () -- C:\Users\Flo\Desktop\DSC02154.JPG [2010.11.12 17:00:41 | 000,081,142 | ---- | M] () -- C:\Users\Flo\Desktop\ausgemauert_I2986_200865151943.jpg [2010.11.07 22:19:04 | 003,655,317 | ---- | M] () -- C:\Users\Flo\Desktop\Gigi und die braunen Stadtmusikanten Feste.mp3 [2010.11.06 09:20:27 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys [2010.11.01 20:33:04 | 000,017,408 | ---- | M] () -- C:\Users\Flo\AppData\Local\WebpageIcons.db [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Flo\*.tmp files -> C:\Users\Flo\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.29 18:01:43 | 038,931,041 | ---- | C] () -- C:\Users\Flo\Desktop\2009_DICTATOR_-_A_MONUMENT_OF_GLORY.rar.part [2010.11.25 17:43:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010.11.25 17:43:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010.11.24 17:42:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2010.11.18 20:48:27 | 001,550,533 | ---- | C] () -- C:\Users\Flo\Desktop\DSC02154.JPG [2010.11.12 17:00:40 | 000,081,142 | ---- | C] () -- C:\Users\Flo\Desktop\ausgemauert_I2986_200865151943.jpg [2010.11.07 22:18:03 | 003,655,317 | ---- | C] () -- C:\Users\Flo\Desktop\Gigi und die braunen Stadtmusikanten Feste.mp3 [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.10.13 19:26:20 | 000,000,060 | ---- | C] () -- C:\Windows\wininit.ini [2010.10.03 10:19:50 | 000,000,276 | ---- | C] () -- C:\Windows\game.ini [2010.09.04 10:28:25 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll [2010.08.24 14:20:03 | 000,000,152 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\default.pls [2010.08.23 22:24:41 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2010.08.21 10:02:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.07.24 18:10:15 | 000,000,024 | ---- | C] () -- C:\ProgramData\peeddy.ini [2010.07.24 18:10:15 | 000,000,006 | ---- | C] () -- C:\ProgramData\peeddy.log [2010.06.20 18:10:23 | 000,025,106 | ---- | C] () -- C:\Windows\Ascd_log.ini [2010.06.18 13:11:59 | 000,017,408 | ---- | C] () -- C:\Users\Flo\AppData\Local\WebpageIcons.db [2010.06.18 12:58:54 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2010.06.18 12:58:54 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2010.06.18 12:58:54 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2010.04.10 19:16:35 | 000,000,005 | -HS- | C] () -- C:\Windows\SysWow64\eeedeccfd7_s.dll [2010.03.22 19:12:13 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys [2010.02.28 17:52:11 | 000,000,190 | ---- | C] () -- C:\Users\Flo\AppData\Local\MyWinLockerInstaller.txt-20100228.log [2010.02.25 16:37:54 | 000,000,074 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\pcouffin.log [2010.02.25 16:37:46 | 000,099,384 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\inst.exe [2010.02.25 16:37:46 | 000,007,859 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\pcouffin.cat [2010.02.25 16:37:46 | 000,001,167 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\pcouffin.inf [2009.12.29 15:11:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.12.29 10:20:04 | 000,000,760 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\setup_ldm.iss [2009.12.28 16:44:26 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.12.28 16:44:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009.12.28 16:44:25 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.12.28 16:44:25 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.12.28 16:44:24 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.12.27 09:10:44 | 000,025,106 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2009.12.25 16:48:27 | 000,008,192 | ---- | C] () -- C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007.12.28 08:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2002.11.06 16:42:06 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\SDL_gfx.dll [2002.10.13 11:25:14 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\MesaGlut.dll [2002.10.13 11:23:36 | 000,363,008 | ---- | C] () -- C:\Windows\SysWow64\MesaGLU.dll [2002.10.13 11:21:50 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\osmesa.dll [2002.10.13 11:21:44 | 001,417,216 | ---- | C] () -- C:\Windows\SysWow64\MesaGL.dll [2002.10.07 03:49:26 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\SDL.dll [2002.05.20 06:12:50 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\SDL_mixer.dll [2002.04.13 11:01:10 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\SDL_ttf.dll [2002.04.13 11:01:02 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\SDL_net.dll [2002.04.13 11:00:48 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SDL_image.dll [2002.02.07 11:43:38 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\sdl_sound.dll [2001.12.03 19:59:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\in_flac.dll [2001.08.13 00:00:54 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll [2001.08.13 00:00:36 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2001.08.12 23:59:58 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2001.04.05 13:24:14 | 000,169,443 | ---- | C] () -- C:\Windows\SysWow64\jpeg.dll [2001.04.05 13:24:14 | 000,094,720 | ---- | C] () -- C:\Windows\SysWow64\libpng1.dll [2001.04.05 13:24:14 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll [2001.04.04 19:33:50 | 000,209,920 | ---- | C] () -- C:\Windows\SysWow64\smpeg.dll ========== LOP Check ========== [2010.05.12 12:28:26 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\AnvSoft [2010.03.10 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\avidemux [2010.07.30 23:58:07 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\COMPUTERBILD-Abzockschutz [2010.06.18 13:03:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\concept design [2010.03.21 17:31:49 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DAEMON Tools Lite [2010.01.09 15:44:31 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DAEMON Tools Pro [2010.06.27 10:41:13 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Facebook [2010.07.29 22:05:27 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Feifb [2010.04.07 21:02:24 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\FlashGet [2010.04.07 21:00:09 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Go!Zilla [2010.04.11 13:35:43 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\griffith [2010.04.11 13:24:04 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\gtk-2.0 [2010.11.29 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ICQ [2010.05.08 09:19:29 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Iggels [2010.08.04 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Keahto [2009.12.25 15:37:28 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Leadertech [2010.01.08 22:28:16 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\LEGO Company [2010.02.27 11:34:19 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\LockHunter [2010.06.18 13:38:31 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Mask Surf [2010.02.01 19:00:57 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Miranda [2010.01.06 19:21:57 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Mp3tag [2010.07.27 21:27:47 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ohbeo [2010.08.04 16:58:58 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Onanu [2010.07.08 17:28:59 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Onwiat [2010.08.28 14:51:15 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\OpenCandy [2010.01.14 13:16:26 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\OpenOffice.org [2010.08.28 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Orbit [2010.08.28 14:52:37 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ProgSense [2010.07.07 18:22:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ryxoi [2010.01.24 16:32:16 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ScreenSeven [2010.09.11 11:30:23 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\SEGA Corporation [2010.05.13 13:10:39 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ShareTV [2010.02.25 21:42:48 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\thecleaner [2010.03.26 18:04:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Trillian [2010.02.27 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\TuneUp Software [2010.04.21 19:35:41 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ubisoft [2010.08.28 14:52:07 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Uniblue [2010.03.25 21:56:24 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\vghd [2010.06.12 09:04:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\VSO [2010.08.24 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\XnView [2010.11.16 17:10:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.05.13 10:37:58 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Adobe [2010.05.12 12:28:26 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\AnvSoft [2010.03.10 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\avidemux [2010.04.06 11:47:22 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Avira [2010.07.30 23:58:07 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\COMPUTERBILD-Abzockschutz [2010.06.18 13:03:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\concept design [2010.08.21 10:05:25 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\CyberLink [2010.03.21 17:31:49 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DAEMON Tools Lite [2010.01.09 15:44:31 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DAEMON Tools Pro [2010.03.06 01:03:10 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\DivX [2010.06.23 21:44:41 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\dvdcss [2010.06.27 10:41:13 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Facebook [2010.07.29 22:05:27 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Feifb [2010.04.07 21:02:24 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\FlashGet [2010.04.07 21:00:09 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Go!Zilla [2010.01.24 16:49:11 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Google [2010.04.11 13:35:43 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\griffith [2010.04.11 13:24:04 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\gtk-2.0 [2010.11.29 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ICQ [2009.12.25 15:28:59 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Identities [2010.05.08 09:19:29 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Iggels [2010.01.27 20:08:47 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\InstallShield [2010.09.12 13:58:20 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\InstallShield Installation Information [2010.08.04 17:00:30 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Keahto [2009.12.25 15:37:28 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Leadertech [2010.01.08 22:28:16 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\LEGO Company [2010.02.27 11:34:19 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\LockHunter [2009.12.25 15:37:38 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Logitech [2009.12.28 11:36:06 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Macromedia [2010.06.18 13:38:31 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Mask Surf [2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Media Center Programs [2009.12.25 23:09:58 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Media Player Classic [2010.11.24 17:43:34 | 000,000,000 | --SD | M] -- C:\Users\Flo\AppData\Roaming\Microsoft [2010.02.01 19:00:57 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Miranda [2009.12.26 10:09:06 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Mozilla [2010.01.06 19:21:57 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Mp3tag [2010.04.13 18:22:46 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Nero [2010.08.21 22:40:03 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\NVIDIA [2010.07.27 21:27:47 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ohbeo [2010.08.04 16:58:58 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Onanu [2010.07.08 17:28:59 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Onwiat [2010.08.28 14:51:15 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\OpenCandy [2010.01.14 13:16:26 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\OpenOffice.org [2010.08.28 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Orbit [2010.08.28 14:52:37 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ProgSense [2010.03.26 22:34:02 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Real [2010.07.07 18:22:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ryxoi [2010.01.24 16:32:16 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ScreenSeven [2010.03.28 10:29:55 | 000,000,000 | RH-D | M] -- C:\Users\Flo\AppData\Roaming\SecuROM [2010.09.11 11:30:23 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\SEGA Corporation [2010.05.13 13:10:39 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\ShareTV [2010.11.29 19:37:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Skype [2010.11.29 17:25:45 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\skypePM [2010.02.25 21:51:39 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\SUPERAntiSpyware.com [2010.02.25 21:42:48 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\thecleaner [2010.06.18 13:43:33 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Tor [2010.03.26 18:04:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Trillian [2010.02.27 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\TuneUp Software [2010.04.21 19:35:41 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Ubisoft [2010.08.28 14:52:07 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\Uniblue [2010.03.25 21:56:24 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\vghd [2010.11.24 20:53:36 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\vlc [2010.06.12 09:04:34 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\VSO [2009.12.29 19:41:09 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\WinRAR [2010.08.24 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Flo\AppData\Roaming\XnView < %APPDATA%\*.exe /s > [2010.02.25 16:37:46 | 000,099,384 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\inst.exe [2010.06.27 10:41:13 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Flo\AppData\Roaming\Facebook\uninstall.exe [2008.08.15 19:31:08 | 000,121,064 | R--- | M] (Macrovision Corporation) -- C:\Users\Flo\AppData\Roaming\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe [2010.09.12 14:23:55 | 000,331,776 | ---- | M] (Rockstar Games ) -- C:\Users\Flo\AppData\Roaming\InstallShield Installation Information\{A724605D-B399-4304-B8C7-33B3EF7D4677}\setup.exe [2010.03.05 13:34:19 | 007,424,000 | R--- | M] (OpenOffice.org) -- C:\Users\Flo\AppData\Roaming\Microsoft\Installer\{2217B0B4-35CB-48C6-B640-864DF2F30F99}\soffice.exe [2010.02.13 18:09:10 | 000,376,320 | R--- | M] () -- C:\Users\Flo\AppData\Roaming\Microsoft\Installer\{52B65911-1559-4ED5-9461-46957FDD48CD}\Icon52B659113.exe [2010.08.26 22:09:57 | 000,018,902 | R--- | M] () -- C:\Users\Flo\AppData\Roaming\Microsoft\Installer\{52E26953-00EF-42B3-A075-A57E86A38D07}\_26e91eb.exe [2010.08.26 22:09:57 | 000,018,902 | R--- | M] () -- C:\Users\Flo\AppData\Roaming\Microsoft\Installer\{52E26953-00EF-42B3-A075-A57E86A38D07}\_5af141bb.exe [2009.12.30 13:28:27 | 000,421,943 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\OpenCandy\Snagit-DEWrapped.exe [2010.08.28 14:51:17 | 000,331,304 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\OpenCandy\OpenCandy_FB906D2E30DA4AF5A54844265C759B2A\DLMgr_3_1.6.44.exe [2010.05.05 18:53:38 | 004,072,576 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Flo\AppData\Roaming\OpenCandy\OpenCandy_FB906D2E30DA4AF5A54844265C759B2A\registrybooster21.exe [2010.08.28 14:51:43 | 004,125,269 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\OpenCandy\OpenCandy_FB906D2E30DA4AF5A54844265C759B2A\registrybooster21Wrapped.exe < %SYSTEMDRIVE%\*.exe > [2007.11.07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTORV.SYS > [2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2010.09.01 05:29:28 | 011,406,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:7D43E156 < End of report > |
|
30.11.2010, 19:08
| #6 |
| /// Malware-holic | Mein Pc macht was er will machst du onlinebanking /einkäufe?
__________________ --> Mein Pc macht was er will |
|
30.11.2010, 19:29
| #7 |
| | Mein Pc macht was er will ja mache ich |
|
30.11.2010, 19:40
| #8 |
| /// Malware-holic | Mein Pc macht was er will dann bank anrufen, zugang sperren lassen. falls zweit pc zur verfügung, von dort alle passwörter endern, nicht mehr vom infizierten bs aus nutzen. dann daten sichern, dann hier melden, damit ich dir ne anleitung zum neuaufsetzen /absichern geben kann
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
30.11.2010, 20:27
| #9 |
| | Mein Pc macht was er will ok passwörter habe ich geändert danke für deine schnellen antworten  wenn ich das system neu aufstetze sind meine ganzen bilder usw. weg ?? hab nämlich keine externe festplatte ?? |
|
30.11.2010, 20:41
| #10 |
| /// Malware-holic | Mein Pc macht was er will hi, dann eben brennen oder die gelegenheit, falls der geldbeutel es hergibt, nutzen und ne externe festplatte kaufen, denn überleg mal bitte was du machst, wenn deine festplatte mal kaputt ist? ne professionelle daten rettung kostet gut und gern 500 bis mehr €
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.12.2010, 18:01
| #11 |
| | Mein Pc macht was er will ok ja fesdplatte kaufen dürfte kein problem sein  jetzt aute ich mich mal wieder als totaler noob wenn ich die sachen auf die externe festplatte ziehe ist dann nicht der virus auf der externen festplatte ? |
|
01.12.2010, 18:04
| #12 |
| /// Malware-holic | Mein Pc macht was er will nein ist er nicht. wir prüfen sie aber natürlich sicherheitshalber, wenn das neue system eingerichtet ist.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.12.2010, 16:40
| #13 |
| | Mein Pc macht was er will ok ich melde mich dann wieder wenn ich das mit den daten gemacht habe |
|
| Themen zu Mein Pc macht was er will |
| anderes, anfang, anti, anti vir, bild, bilder, board, forum, hilfreiche, i-net, maus, mausklick, min, musik, neu, nicht mehr, problem, schließen, schließen sich, schnell, taskleiste, tastatur, tipps, trojaner, trojaner board, wlan, wmp, öffnen |
Linear-Darstellung
