Pests of all kinds and how to fight them: PC almost unusable, gpj.exe, Gqepia.exe (Windows 7)
24.04.2011, 11:45 | #1 |
| PC almost unusable, gpj.exe, Gqepia.exe
Hi everyone,
For the past 2 days I've had the problem that my PC is slower than normal, that some programs only open if you click them a hundred times in a row or hold down the Enter key (so that it opens several times, because nothing at all happens when you open it once), and that Internet Explorer regularly opens with ads. Lately I even have to restart my PC several times, because at logon Explorer quits with the message "Explorer funktioniert nicht mehr" ("Explorer has stopped working"); this also happens sometimes with taskhost or all of the web browsers. Avira found files such as gpi.exe, gpj.exe, gqepia.exe, gpg.exe and gpf.exe on my machine, but deleting them doesn't seem to help. HijackThis produced the following:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:18:08, on 24.04.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16766) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Windows\Gqepia.exe C:\Users\xxx\AppData\Local\Temp\Gpj.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\xxx\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Users\xxx\AppData\Roaming\appconf32.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\appconf3 2.exe, O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVMWlanClient] C:\Program 
Files\avmwlanstick\FRITZWLANMini.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Windows System Guard] C:\Users\Public\dlll.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [HKLM] C:\windows32\svhost.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Ashampoo AntiSpyWare 2 Guard] C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Windows System Guard] C:\Users\Public\dlll.exe O4 - HKCU\..\Run: [HKCU] C:\windows32\svhost.exe O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m O4 - HKCU\..\Run: [TJHTHX1O7X] C:\Windows\Gqepia.exe O4 - HKCU\..\Run: [JP595IR86O] C:\Users\xxx\AppData\Local\Temp\Gpj.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [cleansweep.exe] C:\cleansweep\cleansweep.exe O4 - HKCU\..\Run: [{0975C502-8454-2B9C-929A-4DCFBB611197}] C:\Users\xxx\AppData\Roaming\Baquu\idka.exe O4 - HKCU\..\Run: [D1T2EUR7FZ] C:\Users\xxx\AppData\Local\Temp\Gpj.exe O4 - HKCU\..\Run: [{7C81166D-3DDD-221E-3655-B2A9EA7E0C21}] C:\Users\xxx\AppData\Roaming\Faug\ozze.exe O4 - HKCU\..\Run: [TBXQRHV4KR] C:\Windows\Gqepia.exe O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\windows32\svhost.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\windows32\svhost.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 
'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [D1T2EUR7FZ] C:\Windows\TEMP\Gpi.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [D1T2EUR7FZ] C:\Windows\TEMP\Gpi.exe (User 'Default user') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Update Service (gupdate1caaa55681723fb) (gupdate1caaa55681723fb) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. 
- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 8122 bytes
I hope you can help me. |
25.04.2011, 15:35 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC almost unusable, gpj.exe, Gqepia.exe Please note => http://www.trojaner-board.de/95173-b...es-posten.html and http://www.trojaner-board.de/69886-a...-beachten.html
27.04.2011, 10:22 | #3 |
| PC almost unusable, gpj.exe, Gqepia.exe
okay, so no more HijackThis logs^^
To try to get to the point... I have the file gpj.exe sitting in the directory c:\windows\temp\. I've already tried moving it to quarantine with AntiVir and deleting it, but it keeps coming back. I also didn't find it through AntiVir but through a free scan by Prevx, which also reported things like \REGISTRY\Machine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon as an Infected Entry; I can't make sense of that, though, and can't find anything on the internet either. I hope you can explain it to me. Here are the results from OTL.
OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 27.04.2011 11:01:56 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 596,17 Gb Total Space | 34,69 Gb Free Space | 5,82% Space Free | Partition Type: NTFS Computer Name: BENNI-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\Temp\mdpm\setup.exe (Yaltxmgtjn Software) PRC - C:\Programme\Prevx\prevx.exe (Prevx) PRC - C:\Windows\Temp\Gpj.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) PRC - C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe () PRC - C:\Programme\McAfee Security 
Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\wkscli.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (WinHttpAutoProxySvc) -- File not found SRV - (OpenVPNService) -- File not found SRV - (AMService) -- C:\Windows\TEMP\mdpm\setup.exe (Yaltxmgtjn Software) SRV - (CSIScanner) -- C:\Program Files\Prevx\prevx.exe (Prevx) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TunngleService) -- C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (NMSAccess) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) 
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (pxrts) -- C:\Windows\System32\drivers\pxrts.sys (Prevx) DRV - (pxscan) -- C:\Windows\System32\drivers\pxscan.sys (Prevx) DRV - (pxkbf) -- C:\Windows\System32\drivers\pxkbf.sys (Prevx) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- 
C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.) DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\Windows\System32\drivers\sfsync04.sys (Protection Technology) DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology) DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 1C 3D 7E 31 75 CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {12E9C9D7-AF2C-4592-80A9-0D68A50873D3}:1.9.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.06 00:08:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.06 00:08:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{12E9C9D7-AF2C-4592-80A9-0D68A50873D3}: C:\Users\***\AppData\Local\{12E9C9D7-AF2C-4592-80A9-0D68A50873D3} [2011.01.19 18:46:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\***\AppData\Roaming\5015 [2011.04.22 14:04:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 
4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.23 17:30:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.23 17:30:01 | 000,000,000 | ---D | M] [2010.02.10 15:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.04.24 18:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\livjw6iy.default\extensions [2011.04.24 18:56:32 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\livjw6iy.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.04.24 18:56:31 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\livjw6iy.default\extensions\engine@conduit.com [2011.04.22 18:24:23 | 000,001,056 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\livjw6iy.default\searchplugins\icqplugin.xml [2011.04.23 17:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions File not found (No name found) -- [2011.01.19 18:46:28 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\***\APPDATA\LOCAL\{12E9C9D7-AF2C-4592-80A9-0D68A50873D3} [2011.04.22 14:04:51 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\***\APPDATA\ROAMING\5015 [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla 
Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (SafeOnline BHO) - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\Windows\System32\PxSecure.dll (Prevx) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) O4 - HKLM..\Run: [DAEMON Tools] File not found O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HKLM] File not found O4 - HKLM..\Run: [LogMeIn Hamachi Ui] File not found O4 - HKLM..\Run: [Windows System Guard] File not found O4 - HKCU..\Run: [{0975C502-8454-2B9C-929A-4DCFBB611197}] File not found O4 - HKCU..\Run: [{7C81166D-3DDD-221E-3655-B2A9EA7E0C21}] File not found O4 - HKCU..\Run: [{A05DACE1-F17B-4268-07C0-5AC5E83C1EF7}] C:\Users\***\AppData\Roaming\Gyupum\bysu.exe (kickus) O4 - HKCU..\Run: [Ashampoo AntiSpyWare 2 Guard] File not found O4 - HKCU..\Run: [cleansweep.exe] File not found O4 - HKCU..\Run: [D1T2EUR7FZ] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EA Core] File not found O4 - HKCU..\Run: [HKCU] File not found O4 - HKCU..\Run: [JP595IR86O] File not found O4 - HKCU..\Run: [Performance Center] File not found O4 - HKCU..\Run: [PlayNC Launcher] File not found O4 - HKCU..\Run: [TBXQRHV4KR] File not found O4 - HKCU..\Run: [TJHTHX1O7X] File not found O4 - HKCU..\Run: [Windows System Guard] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\windows32\svhost.exe O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\windows32\svhost.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (C:\Users\***\AppData\Roaming\appconf32.exe) - 
C:\Users\***\AppData\Roaming\appconf32.exe () O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\config\systemprofile\AppData\Roaming\appconf32.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\appconf32.exe () O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O29 - HKLM SecurityProviders - (credssp.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{295be092-1585-11df-9848-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{295be092-1585-11df-9848-806e6f6e6963}\Shell\AutoRun\command - "" = F:\pushinst.exe O33 - MountPoints2\{44b25b91-5072-11df-bd13-001966ca7853}\Shell - "" = AutoRun O33 - MountPoints2\{44b25b91-5072-11df-bd13-001966ca7853}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\F6FInstallerV2.exe O33 - MountPoints2\{b86aec49-2f5d-11e0-9aba-001966ca7853}\Shell - "" = AutoRun O33 - MountPoints2\{b86aec49-2f5d-11e0-9aba-001966ca7853}\Shell\AutoRun\command - "" = E:\autorun.exe O33 - MountPoints2\{b936a8ed-2907-11df-a396-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b936a8ed-2907-11df-a396-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: ciphtall - (C:\Windows\system32\bcdbdmin.dll) - File not found O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.27 10:56:56 | 000,000,000 | ---D | C] -- 
C:\Users\***\AppData\Roaming\UAs [2011.04.27 10:48:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Gyupum [2011.04.27 10:48:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Biyfud [2011.04.27 10:45:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Ycmir [2011.04.27 10:45:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Anik [2011.04.27 10:42:47 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\***\Desktop\Erunt-setup.exe [2011.04.27 10:42:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.04.27 10:42:47 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\TFC.exe [2011.04.26 19:48:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.26 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.26 19:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.26 19:47:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.26 19:47:52 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.26 19:09:55 | 000,236,496 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\***\AppData\Roaming\AcroIEHelpe028.dll [2011.04.26 17:28:22 | 000,143,360 | ---- | C] (Macromedia, Inc.) -- C:\Windows\System32\null0.01859892305961286.exe [2011.04.26 16:41:08 | 000,143,360 | ---- | C] (Macromedia, Inc.) 
-- C:\Windows\System32\null0.44189130727596493.exe [2011.04.26 15:33:46 | 000,000,000 | ---D | C] -- C:\xmldm [2011.04.26 15:33:46 | 000,000,000 | ---D | C] -- C:\kock [2011.04.24 12:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2011.04.24 11:24:00 | 000,076,696 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxrts.sys [2011.04.24 11:24:00 | 000,071,880 | ---- | C] (Prevx) -- C:\Windows\System32\PxSecure.dll [2011.04.24 11:24:00 | 000,032,008 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxscan.sys [2011.04.24 11:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prevx 3.0 [2011.04.24 11:23:59 | 000,026,096 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxkbf.sys [2011.04.24 11:23:59 | 000,000,000 | ---D | C] -- C:\Programme\Prevx [2011.04.24 11:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PrevxCSI [2011.04.23 13:30:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.04.22 15:27:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Heup [2011.04.22 14:27:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftAlpha [2011.04.22 14:27:51 | 000,000,000 | ---D | C] -- C:\Programme\MinecraftAlpha [2011.04.22 14:26:27 | 011,155,702 | ---- | C] (none ) -- C:\Users\***\Desktop\Minecraft Alpha Custom Installer.exe [2011.04.22 14:04:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\5015 [2011.04.22 14:04:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\xmldm [2011.04.22 14:04:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\kock [2011.04.22 13:55:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\8551E2330892EC2D87A5CF55C5D5FC07 [2011.04.22 13:53:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2011.04.22 13:53:06 | 000,000,000 | ---D | C] -- C:\Programme\Quick Memory Editor [2011.04.22 13:53:06 | 000,000,000 | ---D | 
C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2011.04.22 13:27:04 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group [2011.04.21 11:05:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minutor [2011.04.21 11:05:09 | 000,000,000 | ---D | C] -- C:\Programme\Minutor [2011.04.17 14:40:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empire Interactive [2011.04.17 14:31:02 | 000,000,000 | ---D | C] -- C:\Programme\Empire Interactive [2011.04.17 01:20:06 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Rockstar Games [2011.04.17 01:14:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Rockstar Games [2011.04.15 19:19:48 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Server [2011.04.15 16:58:00 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft server [2011.04.15 15:03:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\.minecraft [2011.04.15 13:07:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 13:07:24 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.15 13:07:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 13:07:24 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 13:07:24 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 13:07:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 13:07:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.15 13:07:24 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.15 13:07:24 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 13:07:24 | 000,044,544 
| ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.15 13:07:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.15 12:44:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 12:44:14 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.15 12:44:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.15 12:44:11 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.15 12:44:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.15 12:43:34 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.15 12:43:16 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011.04.15 12:43:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.04.15 12:42:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.15 12:42:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.14 17:51:24 | 000,000,000 | RH-D | C] -- C:\Users\***\AppData\Roaming\SecuROM [2011.04.10 19:59:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Ubisoft Game Launcher [2011.04.03 00:07:22 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Command and Conquer 3 Tiberium Wars [2011.04.02 22:15:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Command and Conquer 3 Tiberium Wars [2011.04.02 15:58:26 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Command & Conquer 3 Tiberium Wars Demo [2011.04.02 14:34:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Command & Conquer 3 Tiberium Wars Demo [1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ] ========== Files - 
Modified Within 30 Days ========== [2011.04.27 11:02:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 11:02:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 10:53:40 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011.04.27 10:53:38 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011.04.27 10:53:36 | 000,000,252 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job [2011.04.27 10:53:34 | 000,000,298 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.04.27 10:53:32 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.27 10:53:24 | 000,000,320 | -HS- | M] () -- C:\Windows\tasks\HLWYCRKEG.job [2011.04.27 10:53:24 | 000,000,318 | -HS- | M] () -- C:\Windows\tasks\cixpfua.job [2011.04.27 10:53:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.27 10:52:52 | 2566,365,184 | -HS- | M] () -- C:\hiberfil.sys [2011.04.27 10:47:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2011.04.27 10:42:59 | 000,301,568 | ---- | M] () -- C:\Users\***\Desktop\g2m3e4r.exe [2011.04.27 10:42:56 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\***\Desktop\Erunt-setup.exe [2011.04.27 10:42:55 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.04.27 10:42:55 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\TFC.exe [2011.04.27 10:14:10 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.26 19:48:01 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.26 19:09:55 | 000,236,496 | ---- | M] (Adobe Systems, Incorporated) -- 
C:\Users\***\AppData\Roaming\AcroIEHelpe028.dll [2011.04.26 17:28:23 | 000,143,360 | ---- | M] (Macromedia, Inc.) -- C:\Windows\System32\null0.01859892305961286.exe [2011.04.26 16:41:08 | 000,143,360 | ---- | M] (Macromedia, Inc.) -- C:\Windows\System32\null0.44189130727596493.exe [2011.04.26 15:56:32 | 000,000,112 | ---- | M] () -- C:\ProgramData\4XxWw5RiJ.dat [2011.04.24 11:24:00 | 000,076,696 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxrts.sys [2011.04.24 11:24:00 | 000,071,880 | ---- | M] (Prevx) -- C:\Windows\System32\PxSecure.dll [2011.04.24 11:24:00 | 000,032,008 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxscan.sys [2011.04.24 11:23:59 | 000,026,096 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxkbf.sys [2011.04.24 11:23:50 | 000,000,053 | ---- | M] () -- C:\Windows\wininit.ini [2011.04.23 17:30:03 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.04.23 14:13:19 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2011.04.22 14:30:22 | 000,001,373 | ---- | M] () -- C:\Users\***\Desktop\MinecraftSP - Verknüpfung.lnk [2011.04.22 14:27:52 | 000,001,962 | ---- | M] () -- C:\Users\***\Desktop\Minecraft+Updater.lnk [2011.04.22 14:27:52 | 000,001,922 | ---- | M] () -- C:\Users\***\Desktop\minecraft.lnk [2011.04.22 14:27:03 | 011,155,702 | ---- | M] (none ) -- C:\Users\***\Desktop\Minecraft Alpha Custom Installer.exe [2011.04.22 13:53:06 | 000,001,047 | ---- | M] () -- C:\Users\***\Desktop\Quick Memory Editor.lnk [2011.04.22 12:49:50 | 003,364,457 | ---- | M] () -- C:\Users\***\AppData\Roaming\minecraft.rar [2011.04.21 18:22:53 | 000,000,480 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ***.job [2011.04.21 10:03:40 | 000,737,838 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.21 10:03:40 | 000,685,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.21 10:03:40 | 000,159,608 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.21 10:03:40 | 
000,130,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.17 14:40:26 | 000,003,165 | ---- | M] () -- C:\Users\***\Desktop\FlatOut2.lnk [2011.04.17 12:13:37 | 000,001,717 | ---- | M] () -- C:\Users\***\Desktop\iw4mp - Verknüpfung.lnk [2011.04.17 09:40:03 | 000,001,667 | ---- | M] () -- C:\Users\***\Desktop\LaunchGTAIV - Verknüpfung.lnk [2011.04.17 00:26:05 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.04.16 09:21:20 | 000,428,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.15 23:34:12 | 000,001,354 | ---- | M] () -- C:\Users\***\Desktop\Minecraft - Verknüpfung.lnk [2011.04.15 19:41:27 | 000,159,788 | ---- | M] () -- C:\Users\***\Desktop\Minecraft.rar [2011.04.14 17:46:55 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Spiele Battlefield 2142 Deluxe Edition jetzt online!.lnk [2011.04.14 17:46:55 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 2142 Deluxe Edition.lnk [2011.04.14 17:46:55 | 000,000,107 | ---- | M] () -- C:\Users\Public\Desktop\Northern Strike Aktivieren.url [2011.04.11 16:18:46 | 034,681,507 | ---- | M] () -- C:\Users\***\AppData\Local\Temp2011con.exe [2011.04.03 00:29:30 | 000,001,484 | ---- | M] () -- C:\Users\***\Desktop\CNC3 - Verknüpfung.lnk [2011.03.31 12:46:41 | 000,158,720 | ---- | M] () -- C:\Users\***\Desktop\vehicles.db [2011.03.29 16:44:30 | 003,667,968 | ---- | M] () -- C:\Users\***\Desktop\hamachi.msi [1 C:\Users\***\AppData\Roaming\*.tmp files -> C:\Users\***\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.27 10:42:48 | 000,301,568 | ---- | C] () -- C:\Users\***\Desktop\g2m3e4r.exe [2011.04.26 19:48:01 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.26 15:41:39 | 000,000,112 | ---- | C] () -- C:\ProgramData\4XxWw5RiJ.dat [2011.04.24 11:23:50 | 000,000,053 | ---- | C] () -- C:\Windows\wininit.ini [2011.04.23 19:46:16 | 000,000,252 | -H-- | C] () -- 
C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job [2011.04.23 17:30:03 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.04.22 14:30:22 | 000,001,373 | ---- | C] () -- C:\Users\***\Desktop\MinecraftSP - Verknüpfung.lnk [2011.04.22 14:27:52 | 000,001,962 | ---- | C] () -- C:\Users\***\Desktop\Minecraft+Updater.lnk [2011.04.22 14:27:52 | 000,001,922 | ---- | C] () -- C:\Users\***\Desktop\minecraft.lnk [2011.04.22 13:56:00 | 003,364,457 | ---- | C] () -- C:\Users\***\AppData\Roaming\minecraft.rar [2011.04.22 13:53:06 | 000,001,047 | ---- | C] () -- C:\Users\***\Desktop\Quick Memory Editor.lnk [2011.04.22 13:07:25 | 000,000,262 | ---- | C] () -- C:\Users\***\Desktop\Run.lnk [2011.04.22 12:51:06 | 003,667,968 | ---- | C] () -- C:\Users\***\Desktop\hamachi.msi [2011.04.17 14:40:26 | 000,003,165 | ---- | C] () -- C:\Users\***\Desktop\FlatOut2.lnk [2011.04.17 09:40:03 | 000,001,667 | ---- | C] () -- C:\Users\***\Desktop\LaunchGTAIV - Verknüpfung.lnk [2011.04.17 00:33:55 | 000,158,720 | ---- | C] () -- C:\Users\***\Desktop\vehicles.db [2011.04.16 22:58:35 | 000,001,717 | ---- | C] () -- C:\Users\***\Desktop\iw4mp - Verknüpfung.lnk [2011.04.15 15:36:24 | 000,001,354 | ---- | C] () -- C:\Users\***\Desktop\Minecraft - Verknüpfung.lnk [2011.04.15 15:20:32 | 000,159,788 | ---- | C] () -- C:\Users\***\Desktop\Minecraft.rar [2011.04.14 17:46:55 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Spiele Battlefield 2142 Deluxe Edition jetzt online!.lnk [2011.04.14 17:46:55 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 2142 Deluxe Edition.lnk [2011.04.14 17:46:55 | 000,000,107 | ---- | C] () -- C:\Users\Public\Desktop\Northern Strike Aktivieren.url [2011.04.11 16:05:18 | 034,681,507 | ---- | C] () -- C:\Users\***\AppData\Local\Temp2011con.exe [2011.04.03 00:29:30 | 000,001,484 | ---- | C] () -- C:\Users\***\Desktop\CNC3 - Verknüpfung.lnk [2011.01.19 18:46:30 | 000,000,120 | ---- | C] () 
-- C:\Users\***\AppData\Local\Xbako.dat [2011.01.19 18:46:30 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Local\Nhanofolininozu.bin [2010.12.27 17:10:17 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2010.11.05 15:12:26 | 000,000,096 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat [2010.10.20 16:46:37 | 000,148,320 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2010.10.13 10:37:28 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat [2010.08.09 17:31:39 | 000,007,605 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2010.07.14 15:03:13 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010.07.09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2010.06.24 10:37:16 | 000,028,108 | ---- | C] () -- C:\Users\***\AppData\Roaming\OFMissionEditorConfig.xml [2010.05.26 16:08:47 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\chrtmp [2010.05.25 17:58:15 | 016,761,760 | ---- | C] () -- C:\Windows\System32\conviction_game.exe [2010.04.12 20:56:14 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2010.02.16 13:20:28 | 000,042,496 | ---- | C] () -- C:\Windows\System32\spwini.dll [2010.02.10 15:20:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.02.09 17:09:54 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin [2010.01.30 14:26:33 | 000,011,264 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.19 16:33:25 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2009.12.28 17:58:06 | 000,000,055 | ---- | C] () -- C:\Windows\videotoaudio.ini [2009.12.28 17:34:59 | 000,000,005 | ---- | C] () -- C:\Windows\System32\SySatm.dat [2009.12.24 11:48:26 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat [2009.12.11 22:47:34 | 000,022,328 | ---- | C] () -- C:\Users\***\AppData\Roaming\PnkBstrK.sys [2009.12.11 22:47:12 | 002,337,865 | ---- | C] () -- 
C:\Windows\System32\pbsvc.exe [2009.12.10 16:20:11 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.12.10 16:20:05 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.12.10 16:19:18 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.12.09 18:07:20 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.12.09 18:07:19 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.07.14 10:47:43 | 000,737,838 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,159,608 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,428,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,685,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,130,292 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- 
C:\Windows\System32\xlive.dll.cat
[2008.12.09 17:23:13 | 000,047,840 | RHS- | C] () -- C:\Users\***\AppData\Roaming\appconf32.exe
[2004.08.18 18:00:00 | 000,000,012 | ---- | C] () -- C:\Windows\ws386.ini
< End of report >

Extras.txt
OTL Logfile:

OTL Extras logfile created on: 27.04.2011 11:01:56 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,17 Gb Total Space | 34,69 Gb Free Space | 5,82% Space Free | Partition Type: NTFS
Computer Name: BENNI-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Users\Public\dlll.exe" = C:\Users\Public\dlll.exe:*:Enabled:Windows System Guard ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen "{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising "{1A4CC779-0B89-45A4-A9BA-A8E0AB26491F}" = 3Dconnexion Plug-In for Photoshop CS3 - CS4 "{1ABD9441-9700-4078-ACF5-0B00AABDCE83}" = 3Dconnexion Add-In for SolidWorks 2005 - 2010 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{222B1BC7-7C51-47AF-8602-7C70CAEA1BE6}" = 3Dconnexion Plug-In for 3ds Max v9 - 2010 "{2569E247-6F6B-41AD-B3E0-4FF0064ABD2F}" = 3Dconnexion Add-In for Solid Edge V18 - ST2 "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13 "{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}" = Rome - Total War - Gold Edition "{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword "{36E0EEDD-C5DA-4130-A295-EB208546D53A}" = 3Dconnexion Extension for SketchUp "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3E329006-9EB3-4979-A36B-BA04FB4EB70C}" = 3Dconnexion Add-In for Inventor 11 - 2010 "{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords "{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{42B7C244-607F-4BF4-AEDC-D689F9722418}" = Minutor "{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid 
Meier's Civilization 4 "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE "{5731C0A8-B266-451A-8D3F-8066AA21836F}" = Tom Clancy's Rainbow Six Vegas "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{778E2400-C2C4-4797-B82C-E5876619B577}" = DeepRipper v 1.1 "{77AD7AFE-B816-419C-A2D4-FD645B273CBC}" = 3Dconnexion 3DxWare "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7BBEEE31-45A8-4BC2-B4D8-E9436B05EFD8}" = Medal of Honor Deutsch und Uncut Patch 32bit "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7E641E46-81DB-4D1D-906A-48342523051C}" = FlatOut2 "{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = 
Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007 "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{9226D72B-4CF2-49A1-83C7-215C0148AF03}" = 3Dconnexion Plug-In for NX v3.0 - v7.0 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{95FF9264-38C8-4801-8F4D-3DD4AC7A288B}" = Far Cry 2 Benchmark "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A4365F0A-5F69-4CC4-81B8-431DBBAF0AFE}" = 3Dconnexion Add-In for AutoCAD 2007 - 2010 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC08BBA0-96B9-431A-A7D0-D8598E493775}" = RESIDENT EVIL 5 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 260.99 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C128CDED-5D9B-4112-935C-FE2101966349}" = 3Dconnexion Plug-In for Pro/ENGINEER WF3 - WF5 "{C1ECB98D-1D38-4DBC-976C-457E6BE6EA2B}" = 3Dconnexion Plug-in for Acrobat 3D "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4 "{D761C5D2-E727-415A-BC4E-52642CEA1A1C}" = TubeBox! "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{e7394a0f-3f80-45b1-87fc-abcd51893246}" = Python 2.6.4 "{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox! 
"{EC105C08-55C5-4275-B439-5A9EBD284A8E}" = 3Dconnexion Plug-In for Maya v8.5 - 2010 "{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142 Deluxe Edition "{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher "{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2 "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{FD238F33-CFBD-415B-B039-64C2E74F3E8B}" = 3Dconnexion Add-On for XSI v3.5 - 2010 "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2 "{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "C-Free 4_is1" = C-Free 4 Standard "Chimera_is1" = UCSF Chimera production version 1.4.1 (build 30365) "DAEMON Tools Lite" = DAEMON Tools Lite "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX-Setup "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "EADM" = EA Download Manager "Foxit Reader" = Foxit Reader "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9 "Free Video to Android Converter_is1" = Free Video to Android Converter version 2.2.10 "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16 "Google Chrome" = Google Chrome "Gothic II" = Gothic II "Gothic II - Die Nacht des Raben" = Gothic II - Die Nacht des Raben "HLSW_is1" = HLSW v1.3.2.1 
"ICQToolbar" = ICQ Toolbar "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood "Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only) "IsoBuster_is1" = IsoBuster 2.8 "JA Launcher" = JA Launcher "JDownloader" = JDownloader "Jetfighter 5_is1" = Jetfighter 5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Security Scan" = McAfee Security Scan Plus "Medal Of Honor 2010.Limited Edition_is1" = Medal Of Honor 2010.Limited Edition "Medal of Honor Deutsch und Uncut Patch 32bit" = Medal of Honor Deutsch und Uncut Patch 32bit "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MinecraftAlpha" = MinecraftAlpha "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "Notepad++" = Notepad++ "NSS" = Norton Security Scan "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "OpenVPN" = OpenVPN 2.1.1 "PCSI" = Prevx "PROR" = Microsoft Office Professional 2007-Testversion "PunkBusterSvc" = PunkBuster Services "Quick Memory Editor_is1" = Quick Memory Editor 5.5 "Steam App 2820" = X3: Terran Conflict "Steam App 33310" = R.U.S.E. 
Beta "Steam App 8930" = Sid Meier's Civilization V "Steamless Left4Dead2 Pack" = Steamless Left4Dead2 Pack "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 5" = TeamViewer 5 "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 0.9.9 "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "World_Series_Of_Poker_1.0" = World Series Of Poker "X3TerranConflict_is1" = X3 Terran Conflict v3.0 "YouTube Downloader App" = YouTube Downloader App 2.00 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "NCsoft-Aion" = Aion ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 18.09.2010 05:57:24 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Spiele\Crysis\Bin64\Crysis64.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 18.09.2010 05:57:24 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Spiele\Crysis\Bin64\CrysisDedicatedServer.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 19.09.2010 06:13:14 | Computer Name = Benni-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: crysis.exe, Version: 1.1.1.6115, Zeitstempel: 0x562b029a Name des fehlerhaften Moduls: CryNetwork.dll, Version: 1.1.1.5767, Zeitstempel: 0x471f95f6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00004ff5 ID des fehlerhaften Prozesses: 0x12ac Startzeit der fehlerhaften Anwendung: 0x01cb57e19cff064b Pfad der fehlerhaften Anwendung: C:\Program Files\Spiele\Crysis\Bin32\crysis.exe Pfad des fehlerhaften Moduls: C:\Program Files\Spiele\Crysis\Bin32\CryNetwork.dll Berichtskennung: 82d8e2e5-c3d6-11df-b115-001966ca7853 Error - 19.09.2010 07:33:59 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 19.09.2010 07:35:39 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\movie maker\CaptureWizard.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.09.2010 07:35:39 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\movie maker\DVDMaker.exe". 
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.09.2010 07:35:40 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\movie maker\MOVIEMK.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.09.2010 07:35:54 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Spiele\Crysis\Bin64\Crysis64.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.09.2010 07:35:54 | Computer Name = Benni-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Spiele\Crysis\Bin64\CrysisDedicatedServer.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 20.09.2010 11:11:25 | Computer Name = Benni-PC | Source = TnglCtrl.exe | ID = 0 Description = [ System Events ] Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 27.04.2011 04:55:54 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7023 
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535
Error - 27.04.2011 04:57:33 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error - 27.04.2011 05:10:48 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "AMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
< End of report >

Thanks in advance for any replies. |
27.04.2011, 11:40 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC almost unusable, gpj.exe, Gqepia.exe Please run a full scan with Malwarebytes as a matter of routine and post the log. Remember that Malwarebytes has to be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
__________________ Please always post log files in CODE tags |
27.04.2011, 17:59 | #5 |
| PC almost unusable, gpj.exe, Gqepia.exe Okay, I ran a full scan and here is the current log.

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6457
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.04.2011 18:54:02
mbam-log-2011-04-27 (18-53-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 504041
Laufzeit: 1 Stunde(n), 53 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 12
Infizierte Registrierungswerte: 14
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 2
Infizierte Dateien: 23

Infizierte Speicherprozesse:
c:\Windows\Temp\mdpm\setup.exe (Spyware.Passwords.XGen) -> 13248 -> No action taken.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\D1T2EUR7FZ (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TBXQRHV4KR (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\TJHTHX1O7X (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Sft (Backdoor.Agent) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.Agent) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows System Guard (Backdoor.IRCBot) -> Value: Windows System Guard -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Trojan.Backdoor) -> Value: HKCU -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TJHTHX1O7X (Trojan.FakeAlert) -> Value: TJHTHX1O7X -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\JP595IR86O (Trojan.FakeAlert) -> Value: JP595IR86O -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{0975C502-8454-2B9C-929A-4DCFBB611197} (Trojan.ZbotR.Gen) -> Value: {0975C502-8454-2B9C-929A-4DCFBB611197} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\D1T2EUR7FZ (Trojan.FakeAlert.SA) -> Value: D1T2EUR7FZ -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{7C81166D-3DDD-221E-3655-B2A9EA7E0C21} (Trojan.ZbotR.Gen) -> Value: {7C81166D-3DDD-221E-3655-B2A9EA7E0C21} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TBXQRHV4KR (Trojan.FakeAlert.SA) -> Value: TBXQRHV4KR -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{A05DACE1-F17B-4268-07C0-5AC5E83C1EF7} (Trojan.ZbotR.Gen) -> Value: {A05DACE1-F17B-4268-07C0-5AC5E83C1EF7} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.Agent) -> Value: Policies -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows System Guard (Backdoor.IRCBot) -> Value: Windows System Guard -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Trojan.Backdoor) -> Value: HKLM -> No action taken.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\Windows\system32\userinit.exe,C:\Users\***\AppData\Roaming\appconf32.exe,C:\Windows\system32\config\systemprofile\AppData\Roaming\appconf32.exe,) Good: (userinit.exe) -> No action taken.

Infizierte Verzeichnisse:
c:\portwexexe (Trojan.SpyEyes.WC) -> No action taken.
c:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.

Infizierte Dateien:
c:\Windows\Temp\mdpm\setup.exe (Spyware.Passwords.XGen) -> No action taken.
c:\Windows\System32\config\systemprofile\AppData\Roaming\4441224.exe (Trojan.Agent) -> No action taken.
c:\Windows\System32\config\systemprofile\AppData\Roaming\c3n2ogtumhhhdjlntymgwegluimsqzp2\csrss.exe (Trojan.Agent) -> No action taken.
c:\program files\ Spiele\medal of honor 2010.limited edition\Binaries\loader.dll (Riskware.Tool.CK) -> No action taken.
c:\program files\Spiele\call of duty - modern warfare 2\iw4mp.exe (Trojan.MSIL.ND2) -> No action taken.
c:\program files\Spiele\call of duty - modern warfare 2\bootstrap\iw4mp.exe (Trojan.MSIL.ND2) -> No action taken.
c:\program files\Spiele\call of duty 4 - modern warfare\anderes\keygen.exe (Trojan.Agent.CK) -> No action taken.
c:\program files\Spiele\medal of honor 2010.limited edition\Binaries\loader.dll (Riskware.Tool.CK) -> No action taken.
c:\program files\Steam\steamapps\common\zero gear\Server\teknogods_mw2sp.exe (Backdoor.Agent.Gen) -> No action taken.
c:\program files\Steam\steamapps\common\zero gear\Server\nnbb\teknogods_mw2sp.exe (Backdoor.Agent.Gen) -> No action taken.
c:\program files\Steam\steamapps\common\zero gear\Server\replace everything\teknogods_mw2sp.exe (Backdoor.Agent.Gen) -> No action taken.
c:\Windows\System32\hosts (Trojan.Agent) -> No action taken.
c:\Windows\System32\winsvncs.txt (Malware.Trace) -> No action taken.
c:\Windows\s32.txt (Malware.Trace) -> No action taken.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> No action taken.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> No action taken.
c:\Windows\ws386.ini (Malware.Trace) -> No action taken.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> No action taken.
c:\Recycle.Bin\recycle.bin.exe (Trojan.SpyEyes) -> No action taken.
c:\Users\***\AppData\Roaming\Gyupum\bysu.exe (Trojan.ZbotR.Gen) -> No action taken.
c:\portwexexe\config.bin (Trojan.SpyEyes.WC) -> No action taken.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> No action taken. |
27.04.2011, 18:48 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC almost unusable, gpj.exe, Gqepia.exe Quote:
Cracks/keygens are 99.9% dangerous malware that is not to be trifled with. Besides, they are illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!
27.04.2011, 19:55 | #7 |
| PC almost unusable, gpj.exe, Gqepia.exe Okay, I'll refrain from it in future. Thanks for the help. |