| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: mailware verdacht(problem)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.03.2011, 16:06
| #1 |
| |  mailware verdacht(problem) Hallo Leute, ich habe ein problem und hoffe mir kann jemand helfen. bei mir öffnet sie alle paar minuten werbung und alle programme die ich öffne brauchen lange zu öffnen und hängen und stürtzen oft ab. |
|
18.03.2011, 16:43
| #2 |
| /// Malware-holic   | mailware verdacht(problem) Systemscan mit OTL
__________________download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten
__________________ |
|
21.03.2011, 16:18
| #3 |
| | mailware verdacht(problem) hier die 2 textdateien
__________________extras.Txt - EditorOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.03.2011 06:57:18 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\******* *******\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 80,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,15 Gb Total Space | 535,08 Gb Free Space | 78,21% Space Free | Partition Type: NTFS
Drive D: | 14,39 Gb Total Space | 2,53 Gb Free Space | 17,57% Space Free | Partition Type: NTFS
Drive E: | 698,64 Gb Total Space | 695,59 Gb Free Space | 99,56% Space Free | Partition Type: NTFS
Drive F: | 1,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: **************-PC | User Name: ******* ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{6F9B9AEB-00D8-4000-AD5B-7E97E85571DE}" = ScopeUserGuide
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.00
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{E78A769A-592F-4154-8277-07CC3BDCAAD8}" = MobileMe Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardwarediagnosetools
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C8574B5-6935-4FCE-860E-F4E8602378FF}" = OfferBox
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FC241BA-F74D-4C2B-9284-BF5D7B8DFE90}" = Sven - Gut zu Vögeln
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65D70656-D248-4C83-B594-E3029C43B37A}" = phase6_19
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E0E4D61-11EC-11E0-B454-0013D3D69929}" = Vegas Pro 10.0
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{835525BE-63BD-4EC4-9425-00CEAD4849C2}" = Widestream6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8544556F-92C9-478E-9ABC-BC2823E39577}" = MAGIX Speed burnR (MSI)
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{924DAFFB-CA84-43a3-8205-A6E94461EC79}_is1" = Registry Reviver
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C9C13822-A638-4331-99A3-4498A5901693}" = Media Go
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E95FEA31-034D-42D0-8ED6-44D7F838BA6E}" = SpongeBob Schwammkopf - Schlacht um Bikini Bottom
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVerMedia C038 USB Capture Card" = AVerMedia C038 USB Capture Card 1.0.64.23
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"Doxillion" = Doxillion Document Converter
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"facemoods" = Facemoods Toolbar
"Fissa" = Fissa
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 4.9
"Free Video Dub_is1" = Free Video Dub version 1.8.10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"GamersFirst LIVE!" = GamersFirst LIVE!
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
"Google Chrome" = Google Chrome
"Hank" = Hank
"HP Remote Solution" = HP Remote Solution
"Indeo® Software" = Indeo® Software
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"MinecraftAlpha" = MinecraftAlpha
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NCH Toolbar" = NCH Toolbar
"NSS" = Norton Security Scan
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"PhotoStage" = PhotoStage Slideshow Producer
"PriceGong" = PriceGong 2.1.0
"Prism" = Prism Video File Converter
"Raptr" = Raptr
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"UltraISO_is1" = UltraISO Premium V9.36
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"VideoPad" = VideoPad Video Editor
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.3
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WavePad" = WavePad Sound Editor
"WildTangent hp Master Uninstall" = HP Games
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.2.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"EuroGrand Casino" = EuroGrand Casino
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.02.2011 15:15:20 | Computer Name = **************-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*******
*******\Downloads\SoftonicDownloader67772.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 02.03.2011 17:16:06 | Computer Name = **************-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.210.7 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1098 Startzeit:
01cbd90ea7c9b045 Endzeit: 93 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe
Berichts-ID:
46efb644-4512-11e0-a7d2-4061862c3926
Error - 03.03.2011 03:29:16 | Computer Name = **************-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 03.03.2011 03:29:16 | Computer Name = **************-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 03.03.2011 21:11:57 | Computer Name = **************-PC | Source = Application Hang | ID = 1002
Description = Programm Azureus.exe, Version 4.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fec Startzeit:
01cbda08d986ad38 Endzeit: 19 Anwendungspfad: C:\Program Files (x86)\Vuze\Azureus.exe
Berichts-ID:
Error - 03.03.2011 21:36:14 | Computer Name = **************-PC | Source = MsiInstaller | ID = 11730
Description =
Error - 04.03.2011 02:51:29 | Computer Name = **************-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CamRecorder.exe, Version: 7.0.0.1426,
Zeitstempel: 0x4b8ff441 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
Zeitstempel: 0x4cc7ab86 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002dfe4 ID des fehlerhaften
Prozesses: 0x1628 Startzeit der fehlerhaften Anwendung: 0x01cbda3500de2ba9 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamRecorder.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: d4b2db0a-462b-11e0-a685-4061862c3926
Error - 05.03.2011 00:16:34 | Computer Name = **************-PC | Source = Application Hang | ID = 1002
Description = Programm javaw.exe, Version 6.0.210.7 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 920 Startzeit:
01cbdaeb8782cd4b Endzeit: 37 Anwendungspfad: C:\Program Files (x86)\Java\jre6\bin\javaw.exe
Berichts-ID:
Error - 05.03.2011 00:48:15 | Computer Name = **************-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*******
*******\Desktop\SoftonicDownloader_fuer_adobe-photoshop.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Error - 05.03.2011 00:48:15 | Computer Name = **************-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\*******
*******\Desktop\SoftonicDownloader_for_cinema-4d.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
[ Hewlett-Packard Events ]
Error - 02.01.2010 17:12:48 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
HPSF
bei HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender,
RoutedEventArgs e) bei System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) bei System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) bei System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) bei System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) bei System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) bei System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) bei MS.Internal.LoadedOrUnloadedOperation.DoWork() bei System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
bei System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() bei System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) bei System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Error - 21.02.2010 15:31:16 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
HPSF
bei HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender,
RoutedEventArgs e) bei System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) bei System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) bei System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) bei System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) bei System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) bei System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) bei MS.Internal.LoadedOrUnloadedOperation.DoWork() bei System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
bei System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() bei System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) bei System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Error - 26.06.2010 03:38:26 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 09.07.2010 14:40:46 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 13.07.2010 12:44:37 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
HPSF
bei HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender,
RoutedEventArgs e) bei System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object
target, RoutedEventArgs routedEventArgs) bei System.Windows.EventRoute.InvokeHandlersImpl(Object
source, RoutedEventArgs args, Boolean reRaised) bei System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) bei System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) bei System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) bei System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) bei MS.Internal.LoadedOrUnloadedOperation.DoWork() bei System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
bei System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() bei System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) bei System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Error - 16.07.2010 12:15:10 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 13.08.2010 11:10:09 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 10.09.2010 13:07:44 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 17.09.2010 12:02:20 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
Error - 19.11.2010 13:54:07 | Computer Name = **************-PC | Source = Hewlett-Packard | ID = 0
Description = de-DE Die Datei "C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml" konnte nicht gefunden werden. mscorlib bei System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)
bei System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) bei System.IO.StreamReader..ctor(String path, Encoding encoding)
bei System.IO.File.ReadAllText(String path, Encoding encoding) bei n.a()
[ Media Center Events ]
Error - 02.08.2010 05:48:56 | Computer Name = **************-PC | Source = MCUpdate | ID = 0
Description = 11:48:56 - Fehler beim Herstellen der Internetverbindung. 11:48:56
- Serververbindung konnte nicht hergestellt werden..
Error - 02.08.2010 05:49:09 | Computer Name = **************-PC | Source = MCUpdate | ID = 0
Description = 11:49:01 - Fehler beim Herstellen der Internetverbindung. 11:49:01
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2010 04:51:51 | Computer Name = **************-PC | Source = MCUpdate | ID = 0
Description = 10:51:51 - Fehler beim Herstellen der Internetverbindung. 10:51:51
- Serververbindung konnte nicht hergestellt werden..
Error - 05.08.2010 04:52:01 | Computer Name = **************-PC | Source = MCUpdate | ID = 0
Description = 10:51:56 - Fehler beim Herstellen der Internetverbindung. 10:51:56
- Serververbindung konnte nicht hergestellt werden..
Error - 30.01.2011 11:55:57 | Computer Name = **************-PC | Source = MCUpdate | ID = 0
Description = 16:55:51 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
[ System Events ]
Error - 22.03.2011 16:09:11 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 23.03.2011 17:48:59 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 23.03.2011 17:51:02 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 24.03.2011 03:34:02 | Computer Name = **************-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?24.?03.?2011 um 08:32:24 unerwartet heruntergefahren.
Error - 24.03.2011 03:34:14 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 24.03.2011 03:36:16 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 24.03.2011 05:28:30 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 24.03.2011 05:30:32 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 25.03.2011 01:46:37 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFS
Error - 25.03.2011 01:48:39 | Computer Name = **************-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report >
OTL.Txt - Editor OTL Logfile: Code:
ATTFilter OTL logfile created on: 25.03.2011 06:57:18 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\****** ******\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 80,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 684,15 Gb Total Space | 535,08 Gb Free Space | 78,21% Space Free | Partition Type: NTFS Drive D: | 14,39 Gb Total Space | 2,53 Gb Free Space | 17,57% Space Free | Partition Type: NTFS Drive E: | 698,64 Gb Total Space | 695,59 Gb Free Space | 99,56% Space Free | Partition Type: NTFS Drive F: | 1,67 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ************-PC | User Name: ****** ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.03.25 06:53:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\****** ******\Desktop\OTL.exe PRC - [2011.03.21 19:33:57 | 000,134,656 | ---- | M] () -- C:\Users\******~1\AppData\Local\Temp\Tpe.exe PRC - [2011.03.21 19:33:55 | 000,147,968 | ---- | M] () -- C:\Users\******~1\AppData\Local\Temp\Tpd.exe PRC - [2011.03.21 19:33:53 | 000,137,216 | ---- | M] () -- C:\Windows\Tqypya.exe PRC - [2011.03.20 16:06:32 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.02.18 18:08:00 | 001,716,032 | ---- | M] (Reviversoft, (ReviverSoft | Software und Hinweise um Ihren PC wie neu laufen zu lassen)) -- C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe PRC - [2010.11.03 17:18:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.11.03 17:18:39 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010.03.03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009.12.01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009.10.20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2009.09.06 12:38:06 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe PRC - [2009.08.27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2008.06.24 15:11:22 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe ========== Modules (SafeList) ========== MOD - [2011.03.25 06:53:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\****** ******\Desktop\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011.03.20 16:06:32 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.12.06 08:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010.11.03 17:18:39 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.05.03 23:21:00 | 003,604,720 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009.09.06 12:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2009.08.27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.02.22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2008.06.24 15:11:22 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.11.25 16:00:08 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.09.17 16:43:17 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010.03.03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.03.02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009.11.28 12:26:32 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2009.11.28 12:26:30 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2009.11.18 21:30:40 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2009.11.18 21:30:40 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2009.08.09 22:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.13 15:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.11.04 09:52:36 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV:64bit: - [2008.11.04 09:52:36 | 000,132,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV:64bit: - [2008.11.04 09:52:36 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex) DRV:64bit: - [2008.11.04 09:52:32 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm) DRV:64bit: - [2008.11.04 09:52:32 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl) DRV:64bit: - [2008.11.04 09:52:30 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV:64bit: - [2008.01.09 12:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2007.07.17 17:42:38 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2007.07.17 17:42:32 | 000,054,288 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2007.07.17 08:14:58 | 000,295,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerFx2hbtv64.sys -- (AVerFx2hbtv64) DRV:64bit: - [2006.11.16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pdiports.sys -- (PdiPorts) DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) DRV - [2009.11.28 15:05:27 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS) DRV - [2009.11.12 12:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.10.20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/03/27 13:33:01] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) DRV - [2005.01.03 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\prxtbNC0.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Facemoods Search IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\prxtbNC0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Facemoods Search" FF - prefs.js..browser.search.defaultthis.engineName: "Bing Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: offerboxffx@offerbox.com:1.0.1.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {c2db4fe6-8409-45ce-8010-189a7b5cce86}:2.7.2.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {f4e6547e-325b-403c-a3bb-ad29ed37a92f}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1 FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.05 15:52:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.05 15:52:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.09 11:30:43 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.09 11:30:43 | 000,000,000 | ---D | M] [2010.06.17 07:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****** ******\AppData\Roaming\mozilla\Extensions [2011.03.22 23:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions [2010.12.28 11:51:53 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.10.01 17:03:39 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.03.04 02:09:27 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2010.11.24 20:12:23 | 000,000,000 | ---D | M] (NCH Toolbar) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86} [2010.09.30 18:04:25 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.12.20 19:09:36 | 000,000,000 | ---D | M] (SearchElf 1.2 Community Toolbar) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\{f4e6547e-325b-403c-a3bb-ad29ed37a92f} [2011.01.10 16:01:59 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\DTToolbar@toolbarnet.com [2010.12.20 19:09:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\engine@conduit.com [2011.02.19 23:57:53 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\****** ******\AppData\Roaming\mozilla\Firefox\Profiles\s12jh7tv.default\extensions\ffxtlbr@Facemoods.com [2011.03.04 06:11:32 | 000,000,883 | ---- | M] () -- C:\Users\****** ******\AppData\Roaming\Mozilla\Firefox\Profiles\s12jh7tv.default\searchplugins\conduit.xml [2010.09.17 16:43:30 | 000,002,059 | ---- | M] () -- C:\Users\****** ******\AppData\Roaming\Mozilla\Firefox\Profiles\s12jh7tv.default\searchplugins\daemon-search.xml [2010.12.01 17:50:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.08.02 22:03:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011.01.05 15:52:38 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.01.05 15:52:38 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2010.05.16 11:01:50 | 000,000,000 | ---D | M] ("OfferBox") -- C:\USERS\****** ******\APPDATA\ROAMING\OFFERBOX\OFFERBOXFFX@OFFERBOX.COM [2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2009.04.08 03:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPOP7PlugIn.dll [2010.12.11 15:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.11 15:19:31 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2011.02.19 23:57:53 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml [2010.12.11 15:19:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.11 15:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.12.11 15:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong) O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found. O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O2 - BHO: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\prxtbNC0.dll (Conduit Ltd.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (NCH Toolbar) - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\prxtbNC0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll (facemoods.com) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (NCH Toolbar) - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - C:\Program Files (x86)\NCH\prxtbNC0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\prxtbsof0.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemonTool] C:\Windows\SysWow64\qload2C.dll (Microsoft) O4 - HKCU..\Run: [A9YA3MI1CF] C:\Users\******~1\AppData\Local\Temp\Tpd.exe () O4 - HKCU..\Run: [NtWqIVLZEWZU] C:\Users\******~1\AppData\Local\Temp\Tpe.exe () O4 - HKCU..\Run: [NvCplDaemonTool] File not found O4 - Startup: C:\Users\****** ******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scangdiska41.dll (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****** ******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****** ******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{20f83e6a-8e6c-11df-b393-4061862c3926}\Shell - "" = AutoRun O33 - MountPoints2\{20f83e6a-8e6c-11df-b393-4061862c3926}\Shell\AutoRun\command - "" = G:\pushinst.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.25 06:53:38 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\****** ******\Desktop\OTL.exe [2011.03.21 20:19:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.03.13 23:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2011.03.13 19:49:59 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.03.13 19:49:59 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.03.13 19:49:59 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.03.13 19:49:59 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.03.13 19:49:58 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2011.03.13 19:49:58 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.03.13 19:49:58 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2011.03.13 19:49:58 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.03.13 19:49:58 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.03.13 19:49:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.03.13 19:49:58 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.03.13 19:49:57 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.03.13 19:49:56 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2011.03.13 19:49:56 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2011.03.13 19:49:56 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2011.03.13 19:49:56 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2011.03.13 16:41:14 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011.03.13 16:31:39 | 000,000,000 | ---D | C] -- C:\Users\****** ******\Desktop\Silla Instinkt [2011.03.12 18:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hank [2011.03.11 18:44:42 | 000,000,000 | ---D | C] -- C:\Users\****** ******\Desktop\Musik [2011.03.05 08:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011.03.05 06:04:27 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\.minecraft [2011.03.05 06:03:59 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftAlpha [2011.03.05 06:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MinecraftAlpha [2011.03.05 06:00:05 | 011,155,702 | ---- | C] (none ) -- C:\Users\****** ******\Minecraft Alpha Custom Installer.exe [2011.03.04 03:11:18 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011.03.04 03:11:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2011.03.04 03:10:50 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2011.03.04 03:10:50 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2011.03.04 03:10:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2011.03.04 03:10:50 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2011.03.04 03:10:50 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2011.03.04 03:10:49 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2011.03.04 03:10:49 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2011.03.04 03:10:49 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2011.03.04 03:10:49 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2011.03.04 03:10:49 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2011.03.04 03:10:49 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2011.03.04 03:10:49 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2011.03.04 03:10:49 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2011.03.04 03:10:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2011.03.04 03:10:48 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2011.03.04 03:10:48 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2011.03.04 03:10:48 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2011.03.04 03:10:48 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2011.03.04 03:10:48 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2011.03.04 03:10:48 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2011.03.04 03:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom [2011.03.04 02:40:36 | 000,000,000 | ---D | C] -- C:\Users\****** ******\Documents\Camtasia Studio [2011.03.04 02:40:33 | 000,411,480 | ---- | C] (TechSmith Corporation) -- C:\Windows\SysWow64\tsccvid.dll [2011.03.04 02:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7 [2011.03.04 02:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared [2011.03.04 02:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2011.03.04 02:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith [2011.03.04 02:37:01 | 000,000,000 | ---D | C] -- C:\Users\****** ******\Documents\Benutzerdefinierte Produktionsprofile 7.0 [2011.03.04 02:11:33 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr [2011.03.04 02:11:26 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\Raptr [2011.03.04 02:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2011.03.04 02:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze [2011.03.04 02:09:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine [2011.03.04 02:09:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote [2011.02.28 20:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2011.02.28 20:36:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2011.02.28 03:40:04 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\MAXON [2011.02.27 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Roaming\Reviversoft [2011.02.27 10:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reviversoft [2011.02.27 10:05:48 | 000,018,240 | ---- | C] (ReviverSoft) -- C:\Windows\SysNative\roboot64.exe [2011.02.27 10:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reviversoft [2011.02.27 10:04:27 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.02.27 10:04:27 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.02.27 10:04:27 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.02.27 10:04:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.02.26 19:31:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime [2011.02.25 15:33:58 | 000,000,000 | ---D | C] -- C:\Users\****** ******\AppData\Local\LogMeIn Hamachi [2011.02.25 15:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.02.25 15:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2010.09.25 20:47:13 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbsoft.dll [2009.11.28 11:40:33 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe1AA3.dll ========== Files - Modified Within 30 Days ========== [2011.03.25 06:58:47 | 000,001,072 | ---- | M] () -- C:\Users\****** ******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk [2011.03.25 06:56:04 | 000,000,304 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.03.25 06:55:02 | 000,000,258 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011.03.25 06:53:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\****** ******\Desktop\OTL.exe [2011.03.25 06:53:42 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 06:53:42 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.25 06:51:10 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.03.25 06:51:10 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.03.25 06:51:10 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.03.25 06:51:10 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.03.25 06:51:10 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.03.25 06:50:02 | 000,000,256 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011.03.25 06:46:46 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.25 06:46:28 | 000,000,322 | -HS- | M] () -- C:\Windows\tasks\Bstxoaoee.job [2011.03.25 06:46:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.25 06:46:21 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys [2011.03.24 12:42:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.21 19:33:53 | 000,137,216 | ---- | M] () -- C:\Windows\Tqypya.exe [2011.03.21 19:33:52 | 000,155,648 | RHS- | M] () -- C:\Windows\SysWow64\dmviewz.dll [2011.03.21 19:23:39 | 000,441,152 | ---- | M] () -- C:\Users\****** ******\Documents\cc_20110321_192318.reg [2011.03.19 16:47:16 | 000,000,510 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ****** ******.job [2011.03.14 16:36:28 | 000,006,144 | ---- | M] () -- C:\Users\****** ******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.12 18:03:57 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Hank spielen.lnk [2011.03.12 18:00:42 | 000,019,121 | ---- | M] () -- C:\Users\****** ******\Desktop\intro fertig.camproj [2011.03.12 14:07:47 | 1065,664,861 | ---- | M] () -- C:\Users\****** ******\Desktop\tactical nuke.camrec [2011.03.05 06:03:59 | 000,001,978 | ---- | M] () -- C:\Users\****** ******\Minecraft+Updater.lnk [2011.03.05 06:03:58 | 000,001,938 | ---- | M] () -- C:\Users\****** ******\minecraft.exe.lnk [2011.03.05 06:00:45 | 011,155,702 | ---- | M] (none ) -- C:\Users\****** ******\Minecraft Alpha Custom Installer.exe ========== Files Created - No Company Name ========== [2011.03.21 21:17:45 | 000,001,072 | ---- | C] () -- C:\Users\****** ******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scandisk.lnk [2011.03.21 19:33:58 | 000,000,256 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011.03.21 19:33:57 | 000,137,216 | ---- | C] () -- C:\Windows\Tqypya.exe [2011.03.21 19:33:56 | 000,000,304 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.03.21 19:33:54 | 000,000,258 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011.03.21 19:33:52 | 000,155,648 | RHS- | C] () -- C:\Windows\SysWow64\dmviewz.dll [2011.03.21 19:33:52 | 000,000,322 | -HS- | C] () -- C:\Windows\tasks\Bstxoaoee.job [2011.03.21 19:23:23 | 000,441,152 | ---- | C] () -- C:\Users\****** ******\Documents\cc_20110321_192318.reg [2011.03.12 18:03:57 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Hank spielen.lnk [2011.03.12 14:30:43 | 000,019,121 | ---- | C] () -- C:\Users\****** ******\Desktop\intro fertig.camproj [2011.03.12 14:07:17 | 1065,664,861 | ---- | C] () -- C:\Users\****** ******\Desktop\tactical nuke.camrec [2011.03.05 08:10:14 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011.03.05 06:03:59 | 000,001,978 | ---- | C] () -- C:\Users\****** ******\Minecraft+Updater.lnk [2011.03.05 06:03:58 | 000,001,938 | ---- | C] () -- C:\Users\****** ******\minecraft.exe.lnk [2011.01.06 19:45:03 | 000,006,144 | ---- | C] () -- C:\Users\****** ******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.09.25 20:47:13 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE [2010.09.25 20:47:13 | 000,006,836 | ---- | C] () -- C:\Program Files (x86)\UNWISE.INI [2010.06.29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2010.06.16 17:10:45 | 000,120,012 | ---- | C] () -- C:\Users\****** ******\AppData\Local\tmpPINK PUSSY CLOSEUP (8)_CROP.JPG [2010.06.16 17:10:45 | 000,118,864 | ---- | C] () -- C:\Users\****** ******\AppData\Local\tmpPINK PUSSY CLOSEUP (8)_CROP.0 [2010.05.27 14:51:52 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2010.03.01 19:18:20 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\AscSQLite.dll [2010.02.28 14:10:42 | 000,019,887 | ---- | C] () -- C:\Users\****** ******\AppData\Roaming\UserTile.png [2009.11.28 16:30:20 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2009.11.28 14:57:59 | 000,016,622 | ---- | C] () -- C:\Windows\hpomdl01.dat [2009.11.28 14:54:12 | 000,002,304 | ---- | C] () -- C:\Windows\SysWow64\Machnm32.sys [2009.11.28 10:59:19 | 000,000,760 | ---- | C] () -- C:\Users\****** ******\AppData\Roaming\setup_ldm.iss [2009.11.28 10:48:55 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2009.11.14 17:14:29 | 000,000,099 | ---- | C] () -- C:\Users\****** ******\AppData\Local\fusioncache.dat [2009.11.14 17:09:11 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.10.22 20:15:56 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2009.10.22 20:01:22 | 004,835,652 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2009.10.17 00:58:06 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2009.10.17 00:57:06 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll [2009.10.17 00:04:24 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2009.10.17 00:04:08 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2009.10.17 00:03:48 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2009.10.17 00:03:44 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2009.10.17 00:03:40 | 000,484,864 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2009.10.16 23:10:10 | 000,281,748 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll [2009.10.16 21:53:32 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2009.10.16 21:53:20 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.10.16 20:40:42 | 000,957,047 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll [2009.10.16 20:38:20 | 000,914,464 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.10.16 20:35:50 | 000,311,204 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2009.10.16 20:08:54 | 000,611,638 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll [2009.10.16 20:04:28 | 001,632,375 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll [2009.09.24 15:48:36 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.01.10 23:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2009.01.10 23:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2009.01.10 23:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2009.01.10 23:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2009.01.10 23:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2009.01.10 23:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2009.01.10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll [2009.01.10 23:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2009.01.10 23:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2009.01.10 23:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2009.01.10 23:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2009.01.10 23:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2009.01.10 23:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2009.01.10 23:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2008.12.03 23:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2008.11.06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2007.10.13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini [2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2003.04.06 05:33:26 | 000,020,464 | ---- | C] () -- C:\Windows\hpoins01.dat ========== LOP Check ========== [2011.03.10 12:48:40 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\.minecraft [2011.03.05 06:37:10 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Azureus [2010.10.30 21:07:13 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\BitTorrent [2010.03.28 18:08:44 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Canneverbe Limited [2010.09.17 16:47:53 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\DAEMON Tools Lite [2009.11.28 15:07:33 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\DisplayTune [2011.03.13 16:41:50 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\DNA [2010.12.16 19:36:29 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\DVDVideoSoft [2010.12.28 11:51:51 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\DVDVideoSoftIEHelpers [2010.05.16 11:02:03 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\FissaSearch [2009.11.28 10:59:20 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Leadertech [2011.01.05 15:52:39 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Local [2010.10.31 14:15:57 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Mael [2010.10.05 18:21:11 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\MAGIX [2011.03.03 08:21:58 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\MAXON [2010.12.22 14:00:06 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\NCH Swift Sound [2010.09.09 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\OfferBox [2009.11.28 14:42:43 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\OpenOffice.org [2009.11.21 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\PlayFirst [2011.03.13 14:41:37 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Raptr [2011.02.27 10:06:35 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Reviversoft [2011.03.18 21:31:06 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Sony [2010.03.27 13:49:04 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Uniblue [2010.05.16 11:02:11 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\widestream [2009.12.05 11:55:02 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\WinBatch [2009.11.14 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\WorldShift [2010.09.30 17:53:26 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\Xilisoft [2010.04.13 16:50:18 | 000,000,000 | ---D | M] -- C:\Users\****** ******\AppData\Roaming\_MDLogs [2011.03.25 06:46:28 | 000,000,322 | -HS- | M] () -- C:\Windows\Tasks\Bstxoaoee.job [2010.06.30 10:20:21 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job [2011.03.21 19:13:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.03.25 06:56:04 | 000,000,304 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.03.25 06:55:02 | 000,000,258 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011.03.25 06:50:02 | 000,000,256 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ========== Purity Check ========== < End of report > |
|
22.03.2011, 12:46
| #4 |
| /// Malware-holic | mailware verdacht(problem) bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
25.03.2011, 16:57
| #5 |
| | mailware verdacht(problem) habe mich registrirt mein name ist : "pierre_mailware" |
|
| Themen zu mailware verdacht(problem) |
| alle programme, brauche, gen, hoffe, hänge, hängen, lange, leute, mailware, minute, minuten, problem, programme, stürtzen, verdacht, werbung, öffnen, öffnet |
Linear-Darstellung
