|
Plagegeister aller Art und deren Bekämpfung: Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauerndWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.12.2010, 20:07 | #1 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd Servus .. ich habe das gleiche problem wie in diesem beitrag: http://www.trojaner-board.de/94172-h...-detected.html Ich habe die OTL.exe ausgeführt, mit scan...gestern gings aber heute beim anschalten vom laptop der gleiche schmarrn wieder ... wie werd ich den schrott denn wieder los?! hier meine 2 erstellten dateien nachm scan mit OTL.. otl.txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.12.2010 19:55:26 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\****\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 217,29 Gb Total Space | 135,81 Gb Free Space | 62,50% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\***\AppData\Local\Temp\login.exe () PRC - C:\Windows\win16.exe () PRC - C:\Windows\user.exe () PRC - C:\Windows\debug.exe () PRC - C:\Users\***\AppData\Local\Temp\3557571.exe (HDD Corporation) PRC - C:\Users\***\AppData\Local\Temp\w9czhv522y.exe () PRC - C:\Windows\drweb.exe () PRC - C:\Users\***\AppData\Local\Temp\win32.exe () PRC - C:\Users\***\AppData\Local\Temp\lsass.exe () PRC - C:\Windows\taskmgr.exe () PRC - C:\Users\***\AppData\Local\Temp\hrds2.exe () PRC - C:\Users\***\AppData\Local\Temp\idemoodp0cetka.exe (DzYRg4pL505B0) PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitor.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.) PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer) PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated) PRC - C:\Windows\PLFSetI.exe () ========== Modules (SafeList) ========== MOD - C:\Users\****\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer) SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.) SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.) SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBCCID) -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys File not found DRV:64bit: - (RtsUIR) -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys File not found DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (int15.sys) -- C:\Windows\SysNative\OEM\factory\int15.sys (Acer, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273605102216l03e3z166t68i4y741 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273605102216l03e3z166t68i4y741 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273605102216l03e3z166t68i4y741 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273605102216l03e3z166t68i4y741 IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5739g&r=273605102216l03e3z166t68i4y741 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ehc-muenchen.de/ IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:59274 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.ehc-muenchen.de/" FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..keyword.URL: "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.12.19 15:19:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\components [2010.12.27 17:23:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\plugins [2010.12.11 15:59:52 | 000,000,000 | ---D | M] [2010.05.12 18:47:07 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2010.12.28 19:41:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\mk4ohri2.default\extensions [2010.06.03 18:03:08 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\mk4ohri2.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.11.23 21:08:35 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\mk4ohri2.default\extensions\vshare@toolbar [2010.11.23 22:14:16 | 000,001,583 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\FireFox\Profiles\mk4ohri2.default\searchplugins\web-search.xml O1 HOSTS File: ([2010.12.26 22:40:48 | 000,000,056 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101227172332.dll (McAfee, Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101227172332.dll (McAfee, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [LvtqZkfgoec] C:\Users\****\AppData\Local\Temp\hrds2.exe () O4 - HKLM..\Run: [LvtqZkfgprc] C:\Users\****\AppData\Local\Temp\login.exe () O4 - HKLM..\Run: [LvtqZkfgpuc] C:\Users\****\AppData\Local\Temp\lsass.exe () O4 - HKLM..\Run: [LvtqZkfgsfDh] C:\Users\****\AppData\Local\Temp\w9czhv522y.exe () O4 - HKLM..\Run: [LvtqZkfgsPc] C:\Users\****\AppData\Local\Temp\win32.exe () O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [Mqqoc] C:\Windows\debug.exe () O4 - HKLM..\Run: [Mqqsc] C:\Windows\drweb.exe () O4 - HKLM..\Run: [Mque] C:\Windows\user.exe () O4 - HKLM..\Run: [Mqurb] C:\Windows\taskmgr.exe () O4 - HKLM..\Run: [MqvPc] C:\Windows\win16.exe () O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [uPc+nuvfeefnThaGuo] C:\Users\****\AppData\Local\Temp\q90rj9um.DLL () O4 - HKLM..\Run: [uPc+nuvfeefnvFaXms] C:\Users\****\AppData\Local\Temp\stta76y.DLL () O4 - HKCU..\Run: [3557571] C:\Users\****\AppData\Local\Temp\3557571.exe (HDD Corporation) O4 - HKCU..\Run: [ElkTBhTOiqUEWYN.exe] C:\Users\****\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe (iWin software) O4 - HKCU..\Run: [LvtqZkfgoec] C:\Users\****\AppData\Local\Temp\hrds2.exe () O4 - HKCU..\Run: [LvtqZkfgprc] C:\Users\****\AppData\Local\Temp\login.exe () O4 - HKCU..\Run: [LvtqZkfgpuc] C:\Users\****\AppData\Local\Temp\lsass.exe () O4 - HKCU..\Run: [LvtqZkfgsfDh] C:\Users\****\AppData\Local\Temp\w9czhv522y.exe () O4 - HKCU..\Run: [LvtqZkfgsPc] C:\Users\****\AppData\Local\Temp\win32.exe () O4 - HKCU..\Run: [Mqqoc] C:\Windows\debug.exe () O4 - HKCU..\Run: [Mqqsc] C:\Windows\drweb.exe () O4 - HKCU..\Run: [Mque] C:\Windows\user.exe () O4 - HKCU..\Run: [Mqurb] C:\Windows\taskmgr.exe () O4 - HKCU..\Run: [MqvPc] C:\Windows\win16.exe () O4 - HKCU..\Run: [MS Service Manager] C:\Users\****\AppData\Local\Temp\idemoodp0cetka.exe (DzYRg4pL505B0) O4 - HKCU..\Run: [portwexexe.exe] C:\portwexexe.exe\portwexexe.exe () O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKCU..\Run: [uPc+nuvfeefnThaGuo] C:\Users\****\AppData\Local\Temp\q90rj9um.DLL () O4 - HKCU..\Run: [uPc+nuvfeefnvFaXms] C:\Users\****\AppData\Local\Temp\stta76y.DLL () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.234.128.7 195.234.128.16 85.233.58.60 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.27 19:10:08 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\vlc [2010.12.27 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2010.12.27 17:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com [2010.12.27 17:23:31 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys [2010.12.27 17:23:25 | 000,149,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe [2010.12.27 17:23:22 | 000,529,128 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys [2010.12.27 17:23:22 | 000,441,328 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys [2010.12.27 17:23:22 | 000,283,360 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys [2010.12.27 17:23:22 | 000,190,136 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys [2010.12.27 17:23:22 | 000,121,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys [2010.12.27 17:23:22 | 000,094,864 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys [2010.12.27 17:23:22 | 000,075,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys [2010.12.27 17:23:22 | 000,062,800 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys [2010.12.26 22:38:31 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\TeamViewer [2010.12.26 22:00:56 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2010.12.26 22:00:56 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll [2010.12.26 22:00:56 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2010.12.26 22:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010.12.26 22:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010.12.26 22:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2010.12.26 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010.12.26 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2010.12.26 22:00:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.12.21 18:06:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson [2010.12.21 18:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson [2010.12.19 14:49:02 | 000,000,000 | ---D | C] -- C:\Extracted [2010.12.19 13:52:41 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Meine empfangenen Dateien [2010.12.19 12:04:50 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\iphone sicherung bilder [2010.12.19 11:39:40 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010.12.19 11:39:40 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010.12.19 11:39:40 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010.12.19 11:39:40 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010.12.19 11:39:40 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010.12.19 11:39:40 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010.12.19 11:39:40 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010.12.19 11:39:40 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010.12.19 11:39:39 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.12.19 11:39:39 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.12.19 11:39:39 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.12.19 11:39:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010.12.19 11:39:37 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010.12.19 11:39:37 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010.12.19 11:39:36 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010.12.19 11:39:29 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.12.19 11:39:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.12.19 11:39:29 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.12.19 11:39:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.12.19 11:39:29 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.12.19 11:39:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.12.19 11:39:29 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010.12.19 11:39:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010.12.19 11:39:28 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010.12.19 11:39:28 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010.12.19 11:39:28 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010.12.19 11:39:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010.12.19 11:39:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.12.19 11:39:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.12.11 15:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [2010.05.12 18:46:44 | 011,676,632 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll [2010.05.12 18:46:44 | 000,644,568 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nss3.dll [2010.05.12 18:46:44 | 000,458,200 | ---- | C] (sqlite.org) -- C:\Program Files\sqlite3.dll [2010.05.12 18:46:44 | 000,349,656 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssckbi.dll [2010.05.12 18:46:44 | 000,243,160 | ---- | C] (Mozilla Foundation) -- C:\Program Files\updater.exe [2010.05.12 18:46:44 | 000,155,648 | ---- | C] (Mozilla Foundation) -- C:\Program Files\softokn3.dll [2010.05.12 18:46:44 | 000,140,760 | ---- | C] (Mozilla Foundation) -- C:\Program Files\ssl3.dll [2010.05.12 18:46:44 | 000,103,896 | ---- | C] (Mozilla Foundation) -- C:\Program Files\smime3.dll [2010.05.12 18:46:44 | 000,098,304 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssdbm3.dll [2010.05.12 18:46:44 | 000,087,512 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssutil3.dll [2010.05.12 18:46:44 | 000,020,440 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plc4.dll [2010.05.12 18:46:44 | 000,017,880 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xpcom.dll [2010.05.12 18:46:44 | 000,017,368 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plds4.dll [2010.05.12 18:46:43 | 000,910,296 | ---- | C] (Mozilla Corporation) -- C:\Program Files\firefox.exe [2010.05.12 18:46:43 | 000,718,296 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozcrt19.dll [2010.05.12 18:46:43 | 000,249,856 | ---- | C] (Mozilla Foundation) -- C:\Program Files\freebl3.dll [2010.05.12 18:46:43 | 000,169,432 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nspr4.dll [2010.05.12 18:46:43 | 000,120,792 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe [2010.05.12 18:46:43 | 000,017,880 | ---- | C] (Mozilla Foundation) -- C:\Program Files\AccessibleMarshal.dll [2009.08.22 07:22:38 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.12.28 19:54:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.12.28 19:47:40 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.28 19:47:40 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.28 19:42:32 | 000,001,792 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2010.12.28 19:41:17 | 000,027,885 | ---- | M] () -- C:\Windows\SysNative\Config.MPF [2010.12.28 19:40:22 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.12.28 19:40:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.28 19:39:55 | 3193,643,008 | -HS- | M] () -- C:\hiberfil.sys [2010.12.27 19:09:43 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.12.27 18:17:06 | 000,000,971 | ---- | M] () -- C:\Users\****\Desktop\Scanner.lnk [2010.12.27 18:15:12 | 000,060,004 | -H-- | M] () -- C:\Windows\win16.exe [2010.12.27 18:15:11 | 000,060,004 | -H-- | M] () -- C:\Windows\user.exe [2010.12.27 18:15:11 | 000,060,004 | -H-- | M] () -- C:\Windows\debug.exe [2010.12.27 17:23:32 | 000,000,008 | ---- | M] () -- C:\Program Files\.autoreg [2010.12.26 22:40:48 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.12.26 22:01:00 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.26 16:34:30 | 011,174,826 | ---- | M] () -- C:\Users\****\Desktop\redsn0w_win_0.9.6b6.zip [2010.12.21 18:09:30 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2010.12.21 18:08:56 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.12.21 18:08:56 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.12.21 18:08:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.12.21 18:08:56 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.12.21 18:08:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.12.19 21:30:06 | 000,342,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.12.19 14:50:12 | 000,045,568 | -H-- | M] () -- C:\Users\****\secupdat.dat [2010.12.19 14:49:17 | 000,060,004 | -H-- | M] () -- C:\Windows\drweb.exe [2010.12.19 14:49:15 | 000,060,004 | -H-- | M] () -- C:\Windows\taskmgr.exe [2010.12.11 15:59:43 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.12.27 19:09:43 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.12.27 18:24:21 | 000,001,792 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2010.12.27 18:17:06 | 000,000,971 | ---- | C] () -- C:\Users\****\Desktop\Scanner.lnk [2010.12.27 18:15:12 | 000,060,004 | -H-- | C] () -- C:\Windows\win16.exe [2010.12.27 18:15:11 | 000,060,004 | -H-- | C] () -- C:\Windows\user.exe [2010.12.27 18:15:11 | 000,060,004 | -H-- | C] () -- C:\Windows\debug.exe [2010.12.27 17:23:32 | 000,000,008 | ---- | C] () -- C:\Program Files\.autoreg [2010.12.26 22:55:12 | 011,174,826 | ---- | C] () -- C:\Users\****\Desktop\redsn0w_win_0.9.6b6.zip [2010.12.26 22:01:00 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.12.21 18:06:19 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk [2010.12.19 14:50:12 | 000,045,568 | -H-- | C] () -- C:\Users\****\secupdat.dat [2010.12.19 14:49:17 | 000,060,004 | -H-- | C] () -- C:\Windows\drweb.exe [2010.12.19 14:49:15 | 000,060,004 | -H-- | C] () -- C:\Windows\taskmgr.exe [2010.12.11 15:59:43 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2010.05.12 18:46:46 | 000,000,701 | ---- | C] () -- C:\Program Files\updater.ini [2010.05.12 18:46:46 | 000,000,220 | ---- | C] () -- C:\Program Files\browserconfig.properties [2010.05.12 18:46:46 | 000,000,003 | ---- | C] () -- C:\Program Files\update.locale [2010.05.12 18:46:44 | 000,000,478 | ---- | C] () -- C:\Program Files\softokn3.chk [2010.05.12 18:46:44 | 000,000,478 | ---- | C] () -- C:\Program Files\nssdbm3.chk [2010.05.12 18:46:44 | 000,000,229 | ---- | C] () -- C:\Program Files\README.txt [2010.05.12 18:46:44 | 000,000,141 | ---- | C] () -- C:\Program Files\platform.ini [2010.05.12 18:46:43 | 001,015,256 | ---- | C] () -- C:\Program Files\js3250.dll [2010.05.12 18:46:43 | 000,040,416 | ---- | C] () -- C:\Program Files\install.log [2010.05.12 18:46:43 | 000,031,393 | ---- | C] () -- C:\Program Files\LICENSE [2010.05.12 18:46:43 | 000,004,296 | ---- | C] () -- C:\Program Files\crashreporter.ini [2010.05.12 18:46:43 | 000,002,530 | ---- | C] () -- C:\Program Files\blocklist.xml [2010.05.12 18:46:43 | 000,002,126 | ---- | C] () -- C:\Program Files\application.ini [2010.05.12 18:46:43 | 000,000,705 | ---- | C] () -- C:\Program Files\crashreporter-override.ini [2010.05.12 18:46:43 | 000,000,478 | ---- | C] () -- C:\Program Files\freebl3.chk [2009.08.22 07:22:18 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.01.09 12:41:25 | 000,007,922 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log [2009.01.09 12:28:28 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll [2009.01.09 12:28:28 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll ========== LOP Check ========== [2010.05.12 23:11:21 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FileZilla [2010.12.28 19:39:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ICQ [2010.05.12 17:25:25 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PowerCinema [2010.05.12 17:25:36 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\SoftDMA [2010.06.13 12:50:40 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Software4u [2010.12.26 22:38:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer [2010.12.27 23:00:50 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\UseNeXT [2010.12.05 19:18:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > extra.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.12.2010 19:55:26 - Run 1 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\****\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 217,29 Gb Total Space | 135,81 Gb Free Space | 62,50% Space Free | Partition Type: NTFS Computer Name: ****-PC | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes "{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour "{EF5948BA-589D-4BE7-B993-C45DC1A77E24}" = MobileMe Control Panel "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "LSI Soft Modem" = LSI HDA Modem "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Drivers" = NVIDIA Drivers "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre "{02A55871-A354-48CC-8549-F7719982F51A}" = Acer Arcade Instant On "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21 "{27996809-446F-7261-6C69-6B654C656F6E}" = "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2D3858B1-226A-420D-9C9D-B51864E85429}" = Nuvoton CIR Device Driver "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari "{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2 "{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam "{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise "{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "DivX Setup.divx.com" = DivX-Setup "FileZilla Client" = FileZilla Client 3.3.3 "GridVista" = Acer GridVista "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Identity Card" = Identity Card "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager "LManager" = Launch Manager "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "MSC" = McAfee SecurityCenter "NSS" = Norton Security Scan "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "softonic-de3 Toolbar" = softonic-de3 Toolbar "Steam App 10" = Counter-Strike "Steam App 240" = Counter-Strike: Source "UseNeXT_is1" = UseNeXT "VLC media player" = VLC media player 0.9.9 "vShare" = vShare Plugin "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 21.12.2010 13:14:15 | Computer Name = ****-PC | Source = SideBySide | ID = 16842787 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error - 21.12.2010 13:14:17 | Computer Name = ****-PC | Source = SideBySide | ID = 16842787 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error - 21.12.2010 13:14:17 | Computer Name = ****-PC | Source = SideBySide | ID = 16842787 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error - 21.12.2010 13:18:59 | Computer Name = ****-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\****\Downloads\SoftonicDownloader57003.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Error - 21.12.2010 13:18:59 | Computer Name = ****-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\****\Downloads\SoftonicDownloader_fuer_windows-live-messenger.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Error - 21.12.2010 14:17:16 | Computer Name = ****-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig. . Error - 21.12.2010 18:06:27 | Computer Name = ****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hrds2.exe, Version: 0.0.0.0, Zeitstempel: 0x4d08efa9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00401d50 ID des fehlerhaften Prozesses: 0xadc Startzeit der fehlerhaften Anwendung: 0x01cba12b9076e930 Pfad der fehlerhaften Anwendung: C:\Users\****\AppData\Local\Temp\hrds2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 8df98d4b-0d4e-11e0-bf72-00269e59de32 Error - 22.12.2010 20:13:49 | Computer Name = ****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hrds2.exe, Version: 0.0.0.0, Zeitstempel: 0x4d08efa9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00401d50 ID des fehlerhaften Prozesses: 0xd74 Startzeit der fehlerhaften Anwendung: 0x01cba224cb804695 Pfad der fehlerhaften Anwendung: C:\Users\****\AppData\Local\Temp\hrds2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 8353f794-0e29-11e0-bf73-00269e59de32 Error - 24.12.2010 10:45:39 | Computer Name = ****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hrds2.exe, Version: 0.0.0.0, Zeitstempel: 0x4d08efa9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00401d50 ID des fehlerhaften Prozesses: 0xd24 Startzeit der fehlerhaften Anwendung: 0x01cba376e34470b8 Pfad der fehlerhaften Anwendung: C:\Users\****\AppData\Local\Temp\hrds2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 79632f4a-0f6c-11e0-87a8-00269e59de32 Error - 24.12.2010 10:49:37 | Computer Name = ****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: rundll32.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x100018e2 ID des fehlerhaften Prozesses: 0xd6c Startzeit der fehlerhaften Anwendung: 0x01cba376e365c3fc Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\rundll32.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 06df0924-0f6d-11e0-87a8-00269e59de32 [ System Events ] Error - 06.11.2010 15:51:35 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 18.11.2010 02:06:21 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 18.11.2010 02:06:21 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 19.11.2010 12:09:31 | Computer Name = ****-PC | Source = DCOM | ID = 10010 Description = Error - 24.11.2010 16:40:19 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7043 Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error - 11.12.2010 11:01:27 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 11.12.2010 11:01:50 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 11.12.2010 11:02:50 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Apple Mobile Device" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 11.12.2010 11:03:33 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 3 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 19.12.2010 11:39:18 | Computer Name = ****-PC | Source = DCOM | ID = 10010 Description = < End of report > Ich hoffe mir kann jemand helfen mfg |
28.12.2010, 20:18 | #2 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd in meinem script nicht vergessen *** durch deinen namen zu ersetzen!
__________________• Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. :OTL PRC - C:\Users\***\AppData\Local\Temp\login.exe () PRC - C:\Windows\win16.exe () PRC - C:\Windows\user.exe () PRC - C:\Windows\debug.exe () PRC - C:\Users\***\AppData\Local\Temp\3557571.exe (HDD Corporation) PRC - C:\Users\***\AppData\Local\Temp\w9czhv522y.exe () PRC - C:\Windows\drweb.exe () PRC - C:\Users\***\AppData\Local\Temp\win32.exe () PRC - C:\Users\***\AppData\Local\Temp\lsass.exe () PRC - C:\Windows\taskmgr.exe () PRC - C:\Users\***\AppData\Local\Temp\hrds2.exe () PRC - C:\Users\***\AppData\Local\Temp\idemoodp0cetka.exe (DzYRg4pL505B0) O4 - HKLM..\Run: [LvtqZkfgoec] C:\Users\****\AppData\Local\Temp\hrds2.exe () O4 - HKLM..\Run: [LvtqZkfgprc] C:\Users\****\AppData\Local\Temp\login.exe () O4 - HKLM..\Run: [LvtqZkfgpuc] C:\Users\****\AppData\Local\Temp\lsass.exe () O4 - HKLM..\Run: [LvtqZkfgsfDh] C:\Users\****\AppData\Local\Temp\w9czhv522y.exe () O4 - HKLM..\Run: [LvtqZkfgsPc] C:\Users\****\AppData\Local\Temp\win32.exe () O4 - HKLM..\Run: [Mqqoc] C:\Windows\debug.exe () O4 - HKLM..\Run: [Mqqsc] C:\Windows\drweb.exe () O4 - HKLM..\Run: [Mque] C:\Windows\user.exe () O4 - HKLM..\Run: [Mqurb] C:\Windows\taskmgr.exe () O4 - HKLM..\Run: [MqvPc] C:\Windows\win16.exe () O4 - HKLM..\Run: [uPc+nuvfeefnThaGuo] C:\Users\****\AppData\Local\Temp\q90rj9um.DLL () O4 - HKLM..\Run: [uPc+nuvfeefnvFaXms] C:\Users\****\AppData\Local\Temp\stta76y.DLL () O4 - HKCU..\Run: [ElkTBhTOiqUEWYN.exe] C:\Users\****\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe (iWin software) O4 - HKCU..\Run: [LvtqZkfgoec] C:\Users\****\AppData\Local\Temp\hrds2.exe () O4 - HKCU..\Run: [LvtqZkfgprc] C:\Users\****\AppData\Local\Temp\login.exe () O4 - HKCU..\Run: [LvtqZkfgpuc] C:\Users\****\AppData\Local\Temp\lsass.exe () O4 - HKCU..\Run: [LvtqZkfgsfDh] C:\Users\****\AppData\Local\Temp\w9czhv522y.exe () O4 - HKCU..\Run: [LvtqZkfgsPc] C:\Users\****\AppData\Local\Temp\win32.exe () O4 - HKCU..\Run: [Mqqoc] C:\Windows\debug.exe () O4 - HKCU..\Run: [Mqqsc] C:\Windows\drweb.exe () O4 - HKCU..\Run: [Mque] C:\Windows\user.exe () O4 - HKCU..\Run: [Mqurb] C:\Windows\taskmgr.exe () O4 - HKCU..\Run: [MqvPc] C:\Windows\win16.exe () O4 - HKCU..\Run: [MS Service Manager] C:\Users\****\AppData\Local\Temp\idemoodp0cetka.exe (DzYRg4pL505B0) O4 - HKCU..\Run: [portwexexe.exe] C:\portwexexe.exe\portwexexe.exe () O4 - HKCU..\Run: [uPc+nuvfeefnThaGuo] C:\Users\****\AppData\Local\Temp\q90rj9um.DLL () O4 - HKCU..\Run: [uPc+nuvfeefnvFaXms] C:\Users\****\AppData\Local\Temp\stta76y.DLL () [2010.12.19 14:50:12 | 000,045,568 | -H-- | M] () -- C:\Users\****\secupdat.dat :Files :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort posten. öffne mein computer, c: dann _OTL dort rechtsklick auf moved files wähle zu moved files.rar oder zip hinzufügen. lade das archiv in unserem upload channel hoch. http://www.trojaner-board.de/54791-a...ner-board.html
__________________ |
28.12.2010, 22:36 | #3 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd text datei ist hochgeladen im upload channel!
__________________bisher kommt nix mehr ^^ |
29.12.2010, 12:35 | #4 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd du solltest nicht die textdatei hochladen, sondern moved files. lies bitte noch mal :-) den inhalt der textdatei solltest du hier einstellen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
03.01.2011, 08:19 | #5 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd Hier die text Datei All processes killed ========== OTL ========== No active process named login.exe was found! No active process named win16.exe was found! No active process named user.exe was found! No active process named debug.exe was found! No active process named 3557571.exe was found! No active process named w9czhv522y.exe was found! No active process named drweb.exe was found! No active process named win32.exe was found! No active process named lsass.exe was found! No active process named taskmgr.exe was found! No active process named hrds2.exe was found! No active process named idemoodp0cetka.exe was found! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgoec deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\hrds2.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgprc deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\login.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgpuc deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\lsass.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgsfDh deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\w9czhv522y.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgsPc deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\win32.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqoc deleted successfully. C:\Windows\debug.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully. C:\Windows\drweb.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mque deleted successfully. C:\Windows\user.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Mqurb deleted successfully. C:\Windows\taskmgr.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully. C:\Windows\win16.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+nuvfeefnThaGuo deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\q90rj9um.DLL moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+nuvfeefnvFaXms deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\stta76y.DLL moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ElkTBhTOiqUEWYN.exe deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgoec deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\hrds2.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgprc deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\login.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgpuc deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\lsass.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgsfDh deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\w9czhv522y.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\LvtqZkfgsPc deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\win32.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqoc deleted successfully. File C:\Windows\debug.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mqqsc deleted successfully. File C:\Windows\drweb.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mque deleted successfully. File C:\Windows\user.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Mqurb deleted successfully. File C:\Windows\taskmgr.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MqvPc deleted successfully. File C:\Windows\win16.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MS Service Manager deleted successfully. C:\Users\pyrooo\AppData\Local\Temp\idemoodp0cetka.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\portwexexe.exe deleted successfully. C:\portwexexe.exe\portwexexe.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+nuvfeefnThaGuo deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\q90rj9um.DLL not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+nuvfeefnvFaXms deleted successfully. File C:\Users\pyrooo\AppData\Local\Temp\stta76y.DLL not found. C:\Users\pyrooo\secupdat.dat moved successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: AppData User: Default User: Default User User: Public User: pyrooo ->Flash cache emptied: 2814439 bytes Total Flash Files Cleaned = 3,00 mb [EMPTYTEMP] User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: pyrooo ->Temp folder emptied: 435312985 bytes ->Temporary Internet Files folder emptied: 36155566 bytes ->Java cache emptied: 3625214 bytes ->FireFox cache emptied: 56901031 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 14113 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 30707584 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50300 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 537,00 mb OTL by OldTimer - Version 3.2.18.0 log created on 12282010_222901 Files\Folders moved on Reboot... C:\Users\pyrooo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Windows\temp\mcafee_dVDzy1CFj8av1eB not found! File\Folder C:\Windows\temp\mcafee_VejYUk4JfBtBgMs not found! File\Folder C:\Windows\temp\sqlite_8S9KgTJD3N6sLWt not found! File\Folder C:\Windows\temp\sqlite_NaWzhjav4DXmzST not found! Registry entries deleted on Reboot... |
03.01.2011, 13:49 | #6 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd ich warte auf den upload.
__________________ --> Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd |
04.01.2011, 08:10 | #7 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd gezipte Datei ist hochgeladen im Channel |
04.01.2011, 20:43 | #8 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd machst du onlinebanking /einkäufe?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
04.01.2011, 21:49 | #9 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd Online Banking: JA Einkäufe: ebay JA |
05.01.2011, 13:02 | #10 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd dann lasse sofort dein onlinebanking sperren! dein pc ist sehr stark versäucht. du solltest deine daten sichern, und dann gebe ich dir ne anleitung zum neu aufsetzen /absichern. sonst kannst du an dem pc nie wieder sicher einkaufen oder banking machen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.01.2011, 10:42 | #11 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd na super ... ok aber dann werd ich ihn neu aufsetzen mit partitionen etc.. is mir dann sicherer! ich werd dann erstmal die daten sichern .... |
06.01.2011, 12:30 | #12 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd ja, siehs positiv, ist ja noch nichts schlimmeres passiert. ich geb dir auch ne anleitung für nen vernünftiges backup programm, damit kannst du beim nächsten trojaner in 10 dein system in einen sauberen zustand zurückversetzen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
06.01.2011, 14:06 | #13 |
| Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd Jap Gott sei Dank is nix schlimmeres passiert, dank Deiner Hilfe Jap so eine Anleitung wäre super wennst die mir zukommen lässt |
06.01.2011, 14:13 | #14 |
/// Malware-holic | Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd na klar. - daten sichern. - win cd einlegen, pc von cd starten, formatieren. - windows instalieren. - evtl. nötige treiber instalieren, falls cds dafür vorhanden. http://www.trojaner-board.de/96344-a...-rechners.html
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
Themen zu Critical Error RAM memory usage .. HDD ... "Scanner" öffnet sich dauernd |
64-bit, adobe, autorun, bho, bonjour, c:\windows\system32\rundll32.exe, conduit, defender, ebay, error, excel, firefox.exe, flash player, format, google, home, home premium, iastor.sys, ieframe.dll, install.exe, launch, location, locker, logfile, microsoft office word, monitor.exe, mozilla, mywinlocker, office 2007, oldtimer, otl.exe, plug-in, portwexexe.exe, problem, programdata, programm, realtek, registry, richtlinie, rundll, saver, scan, searchplugins, security, security update, shell32.dll, shortcut, siteadvisor, software, symantec, syswow64, usb 2.0, usbaapl64, webcheck, windows, windows live mesh |