Log analysis and evaluation: PC hangs frequently and programs crash!
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
17.02.2011, 18:46 | #1
PC hangs frequently and programs crash!

Hello helpers, for some time now my PC has been hanging (freezing) frequently and programs simply crash (stop responding)! I hope I did/posted everything correctly according to the instructions. If not... sorry. Mahalo!!!

MBAM log
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5777

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16.02.2011 23:36:11
mbam-log-2011-02-16 (23-36-11).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 142755
Laufzeit: 8 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\RECYCLER\s-1-5-21-527237240-1645522239-839522115-1003\Dc15.exe (PUP.PWDump) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-527237240-1645522239-839522115-1003\Dc33\XPKey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\notepad.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.

defogger_disable log
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:30 on 17/02/2011 (Cai)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Gmer.text
Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-02-17 08:41:16
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_MP0804H rev.UE100-14
Running: g2m3e4r.exe; Driver: C:\DOCUME~1\Cai\LOCALS~1\Temp\ufldyfog.sys

---- System - GMER 1.0.15 ----

SSDT F7CD79D6 ZwCreateKey
SSDT F7CD79CC ZwCreateThread
SSDT F7CD79DB ZwDeleteKey
SSDT F7CD79E5 ZwDeleteValueKey
SSDT F7CD79EA ZwLoadKey
SSDT F7CD79B8 ZwOpenProcess
SSDT F7CD79BD ZwOpenThread
SSDT F7CD79F4 ZwReplaceKey
SSDT F7CD79EF ZwRestoreKey
SSDT F7CD79E0 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2D6C 80504608 4 Bytes JMP 20F7CD79

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

OTL.text
Code:
OTL logfile created on: 17.02.2011 18:06:05 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Cai\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

1.023,00 Mb Total Physical Memory | 451,00 Mb Available Physical Memory | 44,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,55 Gb Total Space | 13,78 Gb Free Space | 18,48% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive E: | 465,76 Gb Total Space | 394,84 Gb Free Space | 84,77% Space Free | Partition Type: NTFS

Computer Name: KAISERSOEZE | User Name: Cai | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.02.16 23:08:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cai\Desktop\MFTools\OTL.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.)
-- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.12.10 22:54:40 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010.12.09 18:27:13 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.24 20:42:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010.11.24 20:41:58 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.02.12 13:41:46 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2008.04.14 01:12:19 | 004,919,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe PRC - [2006.08.02 00:38:30 | 000,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2006.08.02 00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe PRC - [2006.07.29 09:04:06 | 000,110,592 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe PRC - [2006.07.28 07:59:44 | 002,355,200 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe PRC - [2006.03.06 17:13:56 | 000,086,016 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe PRC - [2005.10.18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) 
-- C:\WINDOWS\ATKKBService.exe PRC - [2005.04.20 05:27:44 | 000,118,784 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ========== Modules (SafeList) ========== MOD - [2011.02.16 23:08:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cai\Desktop\MFTools\OTL.exe MOD - [2010.08.23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.12.09 18:27:13 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.11.24 20:42:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.02.12 13:41:46 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc) SRV - [2010.02.12 13:41:39 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009.07.15 10:48:20 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2006.08.02 00:31:22 | 000,937,984 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R) SRV - [2006.08.02 
00:24:22 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2005.10.18 15:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService) SRV - [2005.04.20 05:27:44 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) ========== Driver Services (SafeList) ========== DRV - [2010.12.21 17:53:29 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.24 20:42:01 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.02.05 22:55:12 | 000,031,704 | ---- | M] (AnchorFree Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hssdrv.sys -- (HssDrv) DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008.01.23 22:25:32 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapvpn.sys -- (tapvpn) DRV - [2007.08.28 16:05:12 | 000,055,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\xusb21.sys -- (xusb21) DRV - [2006.09.27 02:36:24 | 001,709,696 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R) DRV - [2006.08.02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006.02.22 09:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid) DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd) DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp) DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte) DRV - [2005.11.17 03:08:16 | 000,078,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp) DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM) DRV - [2005.10.21 14:13:08 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2005.10.18 15:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt) DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini) DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan) DRV - [2005.09.08 14:20:52 | 003,959,808 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk) DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt) DRV - [2005.05.27 07:19:00 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial) DRV - [2005.02.17 23:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2003.08.20 11:28:50 | 000,014,220 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [1997.04.22 18:16:00 | 000,006,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASLM75.SYS -- (aslm75) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071101000055 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.9 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q=" FF - prefs.js..network.proxy.http: "137.226.138.156" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.07 18:34:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.17 21:58:36 | 000,000,000 | ---D | M] [2008.11.16 06:08:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and 
Settings\Cai\Application Data\Mozilla\Extensions [2011.02.16 15:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions [2010.04.30 21:33:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.16 21:48:38 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.14 17:25:37 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.10.14 17:06:58 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.02.07 23:24:51 | 000,000,000 | ---D | M] (Modify Headers) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe} [2010.12.26 14:43:52 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.06.28 09:50:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2008.11.25 20:43:43 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\moveplayer@movenetworks.com [2011.02.07 23:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cai\Application 
Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\staged-xpis [2010.10.30 00:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\extensions\vshare@toolbar [2011.02.15 01:38:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-1.xml [2010.12.10 22:55:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-10.xml [2010.06.23 12:09:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-2.xml [2010.06.28 09:49:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-3.xml [2010.07.21 20:00:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-4.xml [2010.07.24 17:47:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-5.xml [2010.08.09 11:45:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-6.xml [2010.09.22 11:55:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-7.xml [2010.10.22 17:22:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-8.xml [2010.10.29 11:54:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin-9.xml [2010.06.16 21:48:38 | 
000,000,168 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin.gif [2010.06.16 21:48:38 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin.src [2008.07.10 11:19:06 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Profiles\ejm6kl8d.default\searchplugins\icqplugin.xml [2011.02.16 15:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.10.05 11:22:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.27 21:48:47 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION [2010.10.05 11:22:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010.10.05 11:22:01 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.22 17:21:55 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2008.06.26 14:34:30 | 000,000,932 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\conduit.xml [2010.10.22 17:21:55 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.22 17:21:55 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.22 17:21:55 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.22 17:21:55 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.15 13:22:43 | 000,000,413 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 210.249.144.166 we9stun.winning-eleven.net O1 - Hosts: 217.112.88.118 pes6gate-ec.winning-eleven.net O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVD2.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Hcontrol] C:\WINDOWS\ATK0100\HControl.exe () O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.) O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Cai\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Cai\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Mit Mipony herunterladen - C:\Program Files\MiPony\Browser\IEContext.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (LogonUI.EXE) - C:\WINDOWS\System32\logonui.exe () O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop WallPaper: C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Desktop Hintergrund.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cai\Application Data\Mozilla\Firefox\Desktop Hintergrund.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.11.12 13:05:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - Unable to obtain root file information for disk C:\ O32 - Unable to obtain root file information for disk E:\ O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe - () MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 30 Days ========== [2011.02.16 23:43:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011.02.16 23:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT [2011.02.16 23:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT [2011.02.16 18:50:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Application Data\Malwarebytes [2011.02.16 18:50:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.02.16 18:50:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.16 18:50:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2011.02.16 18:50:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.02.16 18:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.02.16 18:46:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Desktop\MFTools [2011.02.15 15:38:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2011.02.15 04:10:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2011.02.05 21:03:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\My Documents\Mipony [2011.02.05 20:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Application Data\Mipony [2011.02.05 20:57:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Start Menu\Programs\MiPony [2011.02.05 20:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\MiPony [2011.02.01 20:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes [2011.02.01 20:43:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.01.20 19:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Application Data\Leadertech 
[2011.01.20 14:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel [2011.01.19 21:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cai\Application Data\Intel [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.02.17 18:00:03 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2011.02.17 17:59:59 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.02.17 17:59:10 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.02.17 17:59:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.02.17 08:35:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.02.16 23:48:33 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cai\defogger_reenable [2011.02.16 23:41:22 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Cai\Desktop\NTREGOPT.lnk [2011.02.16 23:41:22 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Cai\Desktop\ERUNT.lnk [2011.02.16 23:10:10 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.16 23:09:07 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Cai\Desktop\g2m3e4r.exe [2011.02.16 23:09:06 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Cai\Desktop\defogger.exe [2011.02.15 03:03:15 | 000,149,504 | ---- | M] () -- C:\Documents and Settings\Cai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.11 11:45:47 | 001,418,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.02.10 18:09:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.02.07 22:59:02 | 000,002,279 | ---- | M] () -- C:\Documents and Settings\Cai\Application Data\Microsoft\Internet Explorer\Quick Launch\DKZ Studio (2).lnk [2011.02.05 20:57:21 | 000,000,672 | ---- | 
M] () -- C:\Documents and Settings\Cai\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk [2011.02.05 16:55:38 | 000,000,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts_tempbackup [2011.01.19 21:28:49 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2011.01.19 21:11:10 | 000,000,840 | ---- | M] () -- C:\Settings.ini [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.02.16 23:48:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cai\defogger_reenable [2011.02.16 23:41:22 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Cai\Desktop\NTREGOPT.lnk [2011.02.16 23:41:22 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Cai\Desktop\ERUNT.lnk [2011.02.16 18:50:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.16 18:47:19 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Cai\Desktop\g2m3e4r.exe [2011.02.16 18:47:19 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Cai\Desktop\defogger.exe [2011.02.07 22:59:00 | 000,002,279 | ---- | C] () -- C:\Documents and Settings\Cai\Application Data\Microsoft\Internet Explorer\Quick Launch\DKZ Studio (2).lnk [2011.02.05 20:57:21 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\Cai\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk [2011.01.19 21:11:10 | 000,000,840 | ---- | C] () -- C:\Settings.ini [2010.08.17 20:05:01 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010.08.17 20:05:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010.08.17 20:04:58 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010.08.17 20:04:58 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010.08.17 20:04:57 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010.02.24 
21:11:48 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Cai\Local Settings\Application Data\WebpageIcons.db [2009.03.24 10:42:27 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll [2009.03.05 11:37:55 | 000,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll [2009.03.05 11:37:55 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll [2009.03.05 11:37:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll [2009.03.05 11:37:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll [2009.02.27 22:04:46 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Cai\Local Settings\Application Data\fusioncache.dat [2009.02.27 21:26:29 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll [2009.02.27 21:26:29 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll [2009.02.27 21:26:29 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll [2009.02.27 21:26:29 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll [2009.02.27 21:26:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll [2009.02.27 21:26:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll [2009.02.27 21:26:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll [2009.02.27 21:26:29 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll [2009.02.27 21:26:29 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL [2009.02.27 21:26:29 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini [2009.02.27 21:23:40 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\ASLM75.SYS [2009.02.27 21:23:28 | 000,006,272 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\ASLM75.SYS [2009.02.27 21:19:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI [2008.11.24 06:27:50 | 000,149,504 | ---- | C] () -- C:\Documents and Settings\Cai\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.16 07:04:55 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini [2008.11.16 06:25:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008.11.16 05:15:17 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2008.09.19 22:57:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2007.12.19 15:53:30 | 000,000,272 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005.09.02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [1998.03.25 20:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbzlib.dll ========== LOP Check ========== [2008.11.16 11:24:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2010.11.27 21:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG [2010.08.09 11:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ [2011.02.16 13:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2008.11.17 02:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software [2010.08.27 12:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2009.03.24 20:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2010.07.21 
14:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.04.20 20:11:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} [2009.10.10 19:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009.04.14 15:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009.02.28 02:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\2K Sports [2010.12.01 02:06:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Any Video Converter [2008.12.04 05:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\ArchiCrypt Rescue Master [2010.11.15 23:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Azureus [2009.01.17 23:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\DeepBurner [2011.01.09 16:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\DVDVideoSoft [2011.01.09 16:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\DVDVideoSoftIEHelpers [2011.02.16 23:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Free Download Manager [2010.08.09 01:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\ICQ [2011.01.20 19:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Leadertech [2008.11.17 01:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Lingo4u [2011.02.14 03:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Mipony [2008.11.17 01:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\OpenOffice.org 
[2009.08.29 21:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\pokerth [2011.02.16 19:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\PriceGong [2010.07.30 10:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\RayV [2010.04.27 11:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\TS3Client [2008.11.17 02:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\TuneUp Software [2010.10.27 00:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Tunngle [2010.04.26 23:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cai\Application Data\Uniblue [2011.02.17 18:00:03 | 000,000,496 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2009.08.09 14:58:58 | 000,000,000 | ---D | M] -- C:\7693a848071c56127f721ba3956fe3 [2009.02.27 20:09:35 | 000,000,000 | ---D | M] -- C:\ATI [2009.03.31 15:15:05 | 000,000,000 | ---D | M] -- C:\c0788d48f989384fca [2008.11.16 05:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings [2008.11.15 09:18:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2011.02.16 12:30:45 | 000,000,000 | ---D | M] -- C:\Downloads [2008.11.26 05:16:25 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft [2010.02.19 12:36:54 | 000,000,000 | ---D | M] -- C:\Fraps [2011.02.16 23:41:21 | 000,000,000 | R--D | M] -- C:\Program Files [2009.02.17 11:21:05 | 000,000,000 | ---D | M] -- C:\Programme [2008.11.16 07:21:59 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2008.11.18 01:18:20 | 000,000,000 | ---D | M] -- C:\SP2 [2008.11.16 05:44:07 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.02.17 18:00:48 | 000,000,000 | ---D | M] -- C:\WINDOWS < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. 
/mp /s > < MD5 for: EXPLORER.EXE > [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\VCP_SAVE\explorer.exe [2004.08.04 08:56:50 | 001,550,336 | ---- | M] (Microsoft Corporation) MD5=334C94271A45DF9E7A72525497A908BE -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe [2004.08.04 08:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\VistaMizer\old\explorer.exe [2009.06.19 15:52:07 | 000,004,608 | ---- | M] () MD5=C9A563206DC63815E79875C1F8FE098F -- C:\Documents and Settings\Cai\Local Settings\Application Data\Xenocode\ApplianceCaches\GameCamV2.exe_v34275733\Native\STUBEXE\@WINDIR@\explorer.exe [2008.04.14 01:12:19 | 004,919,296 | ---- | M] (Microsoft Corporation) MD5=DE5DAEB60BBADE63EB7A405A69DDB9CD -- C:\WINDOWS\explorer.exe [2008.04.14 01:12:19 | 004,919,296 | ---- | M] (Microsoft Corporation) MD5=DE5DAEB60BBADE63EB7A405A69DDB9CD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe < MD5 for: USERINIT.EXE > [2004.08.04 08:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 08:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\VistaMizer\old\winlogon.exe [2004.08.04 08:56:58 | 000,541,696 | ---- | M] (Microsoft Corporation) MD5=55ACA85EB80E2155E20211AAADDD711A -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe 
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-02-10 17:09:56

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >

Extras.text
Code:
ATTFilter OTL Extras logfile created on: 17.02.2011 18:06:05 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Cai\Desktop\MFTools Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 1.023,00 Mb Total Physical Memory | 451,00 Mb Available Physical Memory | 44,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,55 Gb Total Space | 13,78 Gb Free Space | 18,48% Space Free | Partition Type: NTFS Unable to calculate disk information. Drive E: | 465,76 Gb Total Space | 394,84 Gb Free Space | 84,77% Space Free | Partition Type: NTFS Computer Name: KAISERSOEZE | User Name: Cai | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [MediaMonkey.1Play] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" "%1" (Ventis Media Inc.) Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /NEXT "%1" (Ventis Media Inc.) Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~2\MEDIAM~1\MEDIAM~1.EXE" /ADD "%1" (Ventis Media Inc.) Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.) 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com) "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com) "C:\Program Files\Zattoo\zattood.exe" = C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood -- () "C:\Program Files\Zattoo\Zattoo1.exe" = C:\Program Files\Zattoo\Zattoo1.exe:*:Enabled: -- () "C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe:*:Enabled:pes6.exe -- (KONAMI) "C:\Program Files\Zattoo\Zattoo2.exe" = C:\Program Files\Zattoo\Zattoo2.exe:*:Enabled: -- () "C:\Program Files\Zattoo\Zattoo.exe" = C:\Program Files\Zattoo\Zattoo.exe:*:Enabled: -- () "C:\Program Files\QuickTime\QuickTimePlayer.exe" = C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player -- (Apple Inc.) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation) "C:\Documents and Settings\Cai\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Documents and Settings\Cai\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS) "C:\Program Files\VLC\vlc.exe" = C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player -- () "C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe -- (ICQ, LLC.) "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0 "{05AB8EF0-F783-11DF-83AC-001279CD8240}" = Google Earth Plug-in "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver "{1CE7D0E0-AC02-42C3-8EAD-66F9D39E3C0E}" = ATI Catalyst Control Center "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = BisonCam "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 
2005 ATL Update kb973923 - x86 8.0.50727.4053 "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp "{90437E5F-0A9E-4B63-AD8B-D232897D18BF}" = ATI Parental Control & Encoder "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A87869D7-B133-498C-A347-D9BE109FF6C8}" = USB2.0 1.3M Web Cam "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes "{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore "{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F656DC79-013A-4683-8692-B938FC00B941}" = DkZ Studio "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "Any Video Converter_is1" = Any Video Converter 2.7.9 "ASUS Probe V2.11" = ASUS Probe V2.11 "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "DivX Setup.divx.com" = DivX-Setup "DVD Shrink_is1" = DVD Shrink 3.2 "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "ERUNT_is1" = ERUNT 1.1j "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Download Manager_is1" = Free Download Manager 3.0 "Free Studio_is1" = Free Studio version 5.0.3 "Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 2.2 "Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.2 "Free YouTube Download_is1" = Free YouTube Download 2.10 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Hcontrol" 
= ATK0100 ACPI UTILITY "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full) "LingoPad_is1" = LingoPad 2.6 (Build 360) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MediaMonkey_is1" = MediaMonkey 3.2 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MiPony" = MiPony 1.2.1 "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "RocketDock_is1" = RocketDock 1.3.5 "SMSERIAL" = Motorola SM56 Data Fax Modem "SopCast" = SopCast 3.0.3 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamSpeak 3 Client" = TeamSpeak 3 Client "Uninstall_is1" = Uninstall 1.0.0.1 "VCP" = Remove Vista Customization Pack v3 "Veetle TV" = Veetle TV 0.9.18 "VistaMizer" = VistaMizer 2.5.2.0 "VLC media player" = VLC media player 1.0.1 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "Xvid_is1" = Xvid 1.2.1 final uninstall "Zattoo" = Zattoo 3.3.4 Beta "Zattoo4" = Zattoo4 4.0.3 ========== HKEY_CURRENT_USER 
Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 13.02.2011 09:21:49 | Computer Name = KAISERSOEZE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.3989, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 13.02.2011 20:03:10 | Computer Name = KAISERSOEZE | Source = WmiAdapter | ID = 4099 Description = Open of service failed. Error - 13.02.2011 22:53:30 | Computer Name = KAISERSOEZE | Source = Application Hang | ID = 1002 Description = Hanging application setup.exe, version 6.6.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15.02.2011 11:30:10 | Computer Name = KAISERSOEZE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.3989, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15.02.2011 11:30:13 | Computer Name = KAISERSOEZE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.3989, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15.02.2011 14:12:27 | Computer Name = KAISERSOEZE | Source = Application Error | ID = 1000 Description = Faulting application pes6.exe, version 1.0.0.1, faulting module pes6.exe, version 1.0.0.1, fault address 0x004d160c. Error - 15.02.2011 18:18:21 | Computer Name = KAISERSOEZE | Source = Application Hang | ID = 1002 Description = Hanging application firefox.exe, version 1.9.2.3989, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 15.02.2011 18:36:57 | Computer Name = KAISERSOEZE | Source = Application Error | ID = 1000 Description = Faulting application pes6.exe, version 1.0.0.1, faulting module pes6.exe, version 1.0.0.1, fault address 0x0025c4a8. 
Error - 16.02.2011 10:16:22 | Computer Name = KAISERSOEZE | Source = Application Error | ID = 1000 Description = Faulting application pes6.exe, version 1.0.0.1, faulting module pes6.exe, version 1.0.0.1, fault address 0x0070c48a. Error - 16.02.2011 19:04:23 | Computer Name = KAISERSOEZE | Source = WmiAdapter | ID = 4099 Description = Open of service failed. [ System Events ] Error - 17.02.2011 13:06:23 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:24 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:26 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:27 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:29 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:31 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:34 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:36 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:37 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. Error - 17.02.2011 13:06:39 | Computer Name = KAISERSOEZE | Source = Disk | ID = 262151 Description = The device, \Device\Harddisk0\D, has a bad block. 
[ TuneUp Events ] Error - 16.02.2011 13:50:21 | Computer Name = KAISERSOEZE | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-02-16 18:50:21', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbam.exe','288',0) Error - 16.02.2011 13:50:42 | Computer Name = KAISERSOEZE | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-02-16 18:50:42', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbam.exe','2188',0) Error - 16.02.2011 13:53:14 | Computer Name = KAISERSOEZE | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-02-16 18:53:14', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbam.exe','1340',0) Error - 16.02.2011 18:10:02 | Computer Name = KAISERSOEZE | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-02-16 23:10:02', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbam.exe','1516',0) Error - 16.02.2011 18:10:22 | Computer Name = KAISERSOEZE | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-02-16 23:10:22', '\device\harddiskvolume1\program files\malwarebytes' anti-malware\mbam.exe','508',0) < End of report > |
17.02.2011, 20:56 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Quote:
As a matter of routine, please run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
__________________ |
17.02.2011, 22:07 | #3 |
| PC often freezes and programs crash! Full scan:
__________________Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5786 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 17.02.2011 22:04:59 mbam-log-2011-02-17 (22-04-59).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 268243 Laufzeit: 56 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 16 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\dokumente und einstellungen\Cai\Desktop\cai\kf141\keyfinder.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\antiwpa-v3.4.6 for x64 and x86\AMD64\ANTIWPA.DLL (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\antiwpa-v3.4.6 for x64 and x86\X86\ANTIWPA.DLL (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\antiwpa-v3.4.6 for x64 and x86\AMD64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\antiwpa-v3.4.6 for x64 and x86\IA64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\antiwpa-v3.4.6 for x64 and x86\X86\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. 
c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\fix für windows 64bit\fixed antiwpa\AMD\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\fix für windows 64bit\fixed antiwpa\I64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\fix für windows 64bit\original antiwpa\AMD64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\fix für windows 64bit\original antiwpa\IA64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\aktivierungs-crack\fix für windows 64bit\original antiwpa\X86\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\keygens\50614-mskey4in1.exe (Malware.Tool) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Cai\Desktop\Crack\TOOLS\wga-crack\wga-workaround (geht auch mit ie7 etc)\wga-fix.exe (Hacktool.WGAFix) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\kaisersoeze\Desktop\cai\kf141\keyfinder.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. c:\WINDOWS\servicepackfiles\i386\notepad.exe (Trojan.FakeMS) -> Quarantined and deleted successfully. c:\WINDOWS\$ntservicepackuninstall$\ctfmon.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
17.02.2011, 23:26 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Quote:
__________________ Please always post log files in CODE tags |
18.02.2011, 00:58 | #5 |
| PC often freezes and programs crash! My Windows isn't legal??? I've already had my PC cleaned of trojans by you guys twice!!! Now I don't understand anything anymore... then again, I am a PC noob. But my PC was bought perfectly normally on eBay!!! |
18.02.2011, 01:18 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Quote:
What are you doing with antiwpa, the keygens and the cracks? OK, strictly speaking it is the desktop of the user "Cai"; maybe you know who that is.
__________________ --> PC often freezes and programs crash! |
18.02.2011, 10:49 | #7 | |
| PC often freezes and programs crash! Quote:
You have already helped me twice, and it is still the same PC! "Cai" is me! But I don't have a folder called CRACK on my desktop! This is my desktop: I don't understand it!!! I really need help. I need my PC for my diploma thesis and for PES! |
18.02.2011, 10:52 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Yeah, now that MBAM has deleted it
__________________ Please always post log files in CODE tags |
18.02.2011, 10:59 | #9 |
| PC often freezes and programs crash! No, I didn't have a folder on the desktop before either! I would have noticed that! So if I now let MBAM restore the files in quarantine, I should have that folder back on my desktop? Should I do that? Because I can't understand it for the life of me! |
18.02.2011, 11:43 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Yep, go ahead
__________________ Please always post log files in CODE tags |
18.02.2011, 13:08 | #11 |
| PC often freezes and programs crash! Am I not being taken seriously here?!? I'll probably have to wipe my computer, which unfortunately takes a long time because a friend does that for me (I'm just a PC noob). Well, thanks to the people who helped me the last two times!!! |
18.02.2011, 13:44 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Yeah, sorry, but that's just how it is. MBAM doesn't invent cracks just to get one over on you; those things really were on there.
__________________ Please always post log files in CODE tags |
18.02.2011, 15:05 | #13 |
| PC often freezes and programs crash! Then they were on my computer, just certainly not on my desktop; I would have seen that! Can you tell me whether I have any more illegal things/tools/data or anything else on my PC? I would like to remove everything. The message "autorun blockieren" kept coming up. In the meantime my AntiVir has found 19 trojans (TR/Trash.Gen, TR/Agent.ezdc, TR/Dldr.Agent.CAD) on my computer. I will remove them now and hope that settles the matter! Mahalo! |
18.02.2011, 15:15 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC often freezes and programs crash! Quote:
__________________ Please always post log files in CODE tags |
18.02.2011, 15:19 | #15 |
| PC often freezes and programs crash! Thanks for the answer... |