| |
| |||||||
Log-Analyse und Auswertung: kritischer fehler beschädigte festplatte-clusterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.04.2011, 11:42
| #1 |
 |  kritischer fehler beschädigte festplatte-cluster hallo ich bin zum ersten mal in so einem forum.ich kenne mich nicht so gut mit pcs aus darum brauch ich eure hilfe. durch öffen eines programms (name weiß ich nicht mehr) sind meine ganze musik,bilder und vieles mehr verloren gegangen.ich hab dann auch eine nachricht bekommen,kritischer fehler beschädigte festplatte-cluster. |
|
25.04.2011, 20:57
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | kritischer fehler beschädigte festplatte-cluster Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
26.04.2011, 15:20
| #3 |
| | kritischer fehler beschädigte festplatte-cluster Malwarebytes' Anti-Malware 1.50.1.1100
__________________www.malwarebytes.org Datenbank Version: 6447 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.19048 26.04.2011 16:19:12 mbam-log-2011-04-26 (16-19-12).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|) Durchsuchte Objekte: 373969 Laufzeit: 3 Stunde(n), 0 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 8 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 2 Infizierte Dateien: 5 Infizierte Speicherprozesse: c:\programdata\gownktobbtfmqrq.exe (Trojan.FakeAlert) -> 4500 -> Unloaded process successfully. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127AD2-394B-70F5-C650-B97867BAA1F7} (Backdoor.Bot) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GoWNKtoBbTfMqRQ (Trojan.FakeAlert) -> Value: GoWNKtoBbTfMqRQ -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Value: WINID -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mcexecwin (Trojan.Agent) -> Value: mcexecwin -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87sdhfush87fsufhuie3fddf (Trojan.Downloader) -> Value: hsf87sdhfush87fsufhuie3fddf -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.Downloader) -> Value: hsf87efjhdsf87f3jfsdi7fhsujfd -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Tquvebinurifuc (Trojan.Agent.U) -> Value: Tquvebinurifuc -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{9B7D3089-B3BB-4C36-5524-530154E3137A} (Trojan.ZbotR.Gen) -> Value: {9B7D3089-B3BB-4C36-5524-530154E3137A} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\79887948 (Rogue.Multiple) -> Value: 79887948 -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: c:\osidfjklsdw (Trojan.SpyEyes) -> Quarantined and deleted successfully. c:\programdata\79887948 (Rogue.Multiple) -> Quarantined and deleted successfully. Infizierte Dateien: c:\programdata\gownktobbtfmqrq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Schade\AppData\Local\Temp\tmpE5FE.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Schade\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. c:\osidfjklsdw\config.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully. |
|
26.04.2011, 15:22
| #4 |
| | kritischer fehler beschädigte festplatte-cluster OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.04.2011 14:09:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Schade\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 33,83 Gb Free Space | 22,70% Space Free | Partition Type: NTFS
Drive E: | 147,58 Gb Total Space | 122,78 Gb Free Space | 83,20% Space Free | Partition Type: NTFS
Computer Name: SCHADE-PC | User Name: Schade | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.04.22 18:45:45 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Schade\Downloads\OTL(1).exe
PRC - [2011.04.22 15:34:16 | 000,565,248 | -H-- | M] (WinTrust) -- C:\ProgramData\GoWNKtoBbTfMqRQ.exe
PRC - [2011.04.09 15:30:04 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox 4.0 Beta 2\plugin-container.exe
PRC - [2011.04.09 15:30:01 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox 4.0 Beta 2\firefox.exe
PRC - [2011.03.16 13:48:08 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.14 17:31:03 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011.02.16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010.11.05 17:33:29 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.05 17:33:25 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.13 17:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.09.27 20:15:03 | 000,040,960 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2010.09.13 19:40:53 | 002,969,496 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe
PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.29 00:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Programme\Free Download Manager\fdm.exe
PRC - [2010.04.22 22:37:16 | 002,285,637 | ---- | M] (Informer Technologies, Inc.) -- C:\Programme\Software Informer\softinfo.exe
PRC - [2010.02.17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\Mcshield.exe
PRC - [2010.02.17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe
PRC - [2010.02.11 12:36:12 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee.com\Agent\mcagent.exe
PRC - [2010.02.11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSC\mcmscsvc.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MPF\MpfSrv.exe
PRC - [2009.10.02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee\MSK\msksrver.exe
PRC - [2009.07.08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009.07.07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009.05.12 22:26:42 | 000,299,008 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.04.24 11:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TecoService.exe
PRC - [2009.04.24 11:40:08 | 001,323,008 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TECO\TEco.exe
PRC - [2009.04.23 20:01:24 | 001,011,712 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009.04.21 22:07:32 | 000,303,104 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.04.21 22:07:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.16 18:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009.04.15 17:04:02 | 000,570,736 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009.04.15 17:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009.04.01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009.03.31 10:33:52 | 000,503,808 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009.03.30 16:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009.03.23 14:30:52 | 001,045,904 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproTray.exe
PRC - [2009.03.23 14:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\Toshiba TEMPRO\TemproSvc.exe
PRC - [2009.03.23 11:50:40 | 000,729,088 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009.03.17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.10 18:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.06 18:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009.03.06 18:29:04 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009.03.04 15:53:34 | 000,096,144 | ---- | M] (Toshiba Europe GmbH) -- C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2006.11.02 11:44:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\attrib.exe
========== Modules (SafeList) ==========
MOD - [2011.04.22 18:45:45 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Schade\Downloads\OTL(1).exe
MOD - [2011.03.09 17:54:14 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.08.31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.03.16 13:48:08 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.02.16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010.11.05 17:33:29 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.27 20:15:03 | 000,040,960 | -H-- | M] () [Auto | Running] -- C:\Users\Schade\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010.07.28 23:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.02.24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010.02.17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010.02.17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Programme\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2010.02.11 12:36:12 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009.10.27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.10.02 13:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.08.24 14:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009.07.08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009.07.07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009.04.24 11:40:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.04.21 22:07:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.04.16 18:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009.04.15 17:03:40 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.04.01 18:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.03.30 16:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009.03.23 14:30:36 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.03.17 11:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.03.06 18:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
========== Driver Services (SafeList) ==========
DRV - [2011.03.16 13:48:13 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.28 10:49:03 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.02.17 16:52:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010.02.17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010.02.17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010.02.17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010.02.17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009.07.16 12:32:26 | 000,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.24 14:29:28 | 000,163,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.04.21 23:30:14 | 004,491,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.03.20 23:29:18 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.03.18 11:44:54 | 000,022,272 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.01.27 19:12:14 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008.11.17 07:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.11.11 18:29:42 | 000,154,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.05.07 11:30:12 | 000,025,896 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2008.01.21 04:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\beep.sys -- (Beep)
DRV - [2007.12.14 11:53:24 | 000,024,200 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.meinvz.net/Home"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.1
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.3.20080730
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/skins7/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.03.24 17:30:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 2\components [2011.04.09 15:30:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 2\plugins
[2009.10.23 18:34:58 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Schade\AppData\Roaming\mozilla\Extensions
[2011.04.19 16:36:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions
[2009.10.24 11:36:48 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.08 16:55:52 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.03.11 16:26:09 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.29 14:46:02 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.19 16:36:05 | 000,000,000 | -H-D | M] (kikin plugin) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010.11.24 19:01:57 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.29 14:45:56 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\engine@conduit.com
[2009.12.07 21:20:54 | 000,000,000 | -H-D | M] (Veoh Video Compass) -- C:\Users\Schade\AppData\Roaming\mozilla\Firefox\Profiles\j17rpahg.default\extensions\searchrecs@veoh.com
[2011.04.17 12:43:51 | 000,000,950 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin-1.xml
[2010.09.27 20:15:11 | 000,001,097 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin-2.xml
[2011.04.09 15:30:12 | 000,000,950 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin-3.xml
[2011.02.20 12:21:20 | 000,000,168 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin.src
[2010.06.21 16:35:24 | 000,001,042 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\icqplugin.xml
[2011.04.09 20:17:57 | 000,001,266 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\kikin-search.xml
[2010.12.25 22:37:05 | 000,003,915 | -H-- | M] () -- C:\Users\Schade\AppData\Roaming\Mozilla\Firefox\Profiles\j17rpahg.default\searchplugins\sweetim.xml
[2010.08.11 09:42:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.02.04 19:54:18 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
File not found (No name found) --
[2011.03.24 17:30:26 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010.09.09 21:34:51 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 2\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\SCHADE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J17RPAHG.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
() (No name found) -- C:\USERS\SCHADE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J17RPAHG.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
O1 HOSTS File: ([2010.05.03 17:12:25 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O2 - BHO: (no name) - {ee1babcf-cbe2-4c07-8e18-dfe6fc08c30a} - No CLSID value found.
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Programme\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [EPSON Product Registrierungserinnerung] C:\Windows\Temp\RegModule.exe (Seiko Epson Corporation)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Schade\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Programme\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Programme\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [USB Storage Toolbox] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{9B7D3089-B3BB-4C36-5524-530154E3137A}] File not found
O4 - HKCU..\Run: [79887948] File not found
O4 - HKCU..\Run: [cskcomka,] File not found
O4 - HKCU..\Run: [cskcomka«] File not found
O4 - HKCU..\Run: [cskcomka‡] File not found
O4 - HKCU..\Run: [cskcomka] File not found
O4 - HKCU..\Run: [cskcomka] File not found
O4 - HKCU..\Run: [cskcomka¾] File not found
O4 - HKCU..\Run: [cskcomka4] File not found
O4 - HKCU..\Run: [cskcomkañ] File not found
O4 - HKCU..\Run: [cskcomkaù] File not found
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
O4 - HKCU..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] File not found
O4 - HKCU..\Run: [hsf87sdhfush87fsufhuie3fddf] File not found
O4 - HKCU..\Run: [mcexecwin] File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKCU..\Run: [Tquvebinurifuc] File not found
O4 - HKCU..\Run: [vaxvsj] File not found
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Schade\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll (Google Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Schade\Desktop\meinvz-bilder\1-8167b2ce882db2eacfd6ed5f291661dd.jpg
O24 - Desktop BackupWallPaper: C:\Users\Schade\Desktop\meinvz-bilder\1-8167b2ce882db2eacfd6ed5f291661dd.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.22 18:32:01 | 000,000,000 | -H-D | C] -- C:\Users\Schade\AppData\Roaming\Uniblue
[2011.04.22 18:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.04.22 18:31:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.04.22 18:31:52 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.04.22 18:31:36 | 000,000,000 | -H-D | C] -- C:\Users\Schade\AppData\Local\PackageAware
[2011.04.22 15:41:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\beep.sys
[2011.04.22 15:34:16 | 000,565,248 | -H-- | C] (WinTrust) -- C:\ProgramData\GoWNKtoBbTfMqRQ.exe
[2011.04.16 13:18:25 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.16 13:18:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.16 13:18:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.16 13:18:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.16 13:18:17 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.16 13:18:16 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.16 13:18:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.16 13:18:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.16 13:18:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.16 13:18:16 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.16 13:18:16 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.16 13:18:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.16 13:18:16 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.16 13:18:16 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.16 13:18:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.16 13:18:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.16 13:18:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.16 13:18:15 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.16 13:18:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.16 13:17:54 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.16 13:17:53 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.16 13:17:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.16 13:17:43 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.16 13:17:36 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.16 13:17:36 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.07 22:32:27 | 000,000,000 | -H-D | C] -- C:\Users\Schade\Desktop\Bewerbungen
[2011.03.29 15:40:08 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine
[2011.03.29 15:40:05 | 000,000,000 | -H-D | C] -- C:\Users\Schade\AppData\Local\Conduit
[2009.06.16 14:03:56 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\Interop.SHDocVw.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.04.23 13:59:55 | 000,033,191 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.04.23 13:59:07 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.23 13:59:00 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.04.23 13:58:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.23 13:58:52 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.23 13:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.23 13:58:42 | 3184,394,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.23 13:53:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.22 18:31:57 | 000,001,881 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.04.22 15:34:16 | 000,565,248 | -H-- | M] (WinTrust) -- C:\ProgramData\GoWNKtoBbTfMqRQ.exe
[2011.04.22 13:06:28 | 000,007,377 | -HS- | M] () -- C:\Users\Schade\Folder.jpg
[2011.04.22 13:06:28 | 000,002,066 | -HS- | M] () -- C:\Users\Schade\AlbumArtSmall.jpg
[2011.04.20 11:29:29 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.20 11:29:29 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.20 11:29:29 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.20 11:29:29 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.17 17:16:32 | 000,303,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.13 18:24:31 | 004,352,128 | -H-- | M] () -- C:\Users\Schade\Documents\BIZZY MONTANA & BUSHIDO - TRÄNE AUS BLUT.mp3
[2011.04.11 18:08:14 | 002,803,840 | -H-- | M] () -- C:\Users\Schade\Tut mir leid. ich bin betrunken.mp3
[2011.04.11 18:07:51 | 004,284,544 | -H-- | M] () -- C:\Users\Schade\Atze Bauer - Ich trink ein Bier auf Hartz4.mp3
[2011.04.11 18:04:13 | 002,775,168 | -H-- | M] () -- C:\Users\Schade\Gruppensex im Altersheim-Die 3 Besoffskis.mp3
[2011.04.09 16:45:27 | 000,340,096 | -H-- | M] () -- C:\Users\Schade\FC Bayern München - 's Leben is wia a Traum - Torhymne.mp3
[2011.04.09 16:44:43 | 002,734,208 | -H-- | M] () -- C:\Users\Schade\Rockin Beatz - Robery.mp3
[2011.04.08 16:23:53 | 001,403,008 | -H-- | M] () -- C:\Users\Schade\Documents\the viking song lyrics.mp3
[2011.04.07 23:12:18 | 000,055,296 | -H-- | M] () -- C:\Users\Schade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.06 14:20:53 | 004,493,440 | -H-- | M] () -- C:\Users\Schade\Serj Tankian-Baby with lyrics.mp3
[2011.04.06 14:18:13 | 003,539,072 | -H-- | M] () -- C:\Users\Schade\Motörhead - Ace of Spades.mp3
[2011.04.05 22:58:27 | 004,530,304 | -H-- | M] () -- C:\Users\Schade\System Of A Down - Toxicity-Official Video.mp3
[2011.04.05 22:56:57 | 003,438,720 | -H-- | M] () -- C:\Users\Schade\Serj Tankian 'Empty Walls' (Lyrics Video).mp3
[2011.04.05 22:52:08 | 002,474,112 | -H-- | M] () -- C:\Users\Schade\Serj Tankian - Sky Is Over (Alt Video).mp3
[2011.04.05 22:49:52 | 003,684,480 | -H-- | M] () -- C:\Users\Schade\System of a down Chop suey! Lyrics.mp3
[2011.04.05 18:11:41 | 003,446,912 | -H-- | M] () -- C:\Users\Schade\Jason DeRulo- 'What If' - Official Video.mp3
[2011.04.05 16:04:39 | 003,977,344 | -H-- | M] () -- C:\Users\Schade\Dendemann - Stumpf ist Trumpf 3.0.mp3
[2011.04.03 18:01:56 | 000,000,104 | -H-- | M] () -- C:\Users\Schade\Desktop\Papierkorb - Verknüpfung.lnk
[2011.04.02 13:01:30 | 004,335,744 | -H-- | M] () -- C:\Users\Schade\Rihanna - S&M official music video.mp3
[2011.04.02 12:56:57 | 004,225,152 | -H-- | M] () -- C:\Users\Schade\Rihanna feat. Drake - What's my Name.mp3
[2011.04.01 19:36:26 | 005,957,760 | -H-- | M] () -- C:\Users\Schade\Friesenjung.mp3
[2011.03.31 23:12:55 | 003,479,680 | -H-- | M] () -- C:\Users\Schade\cypress hill ft everlast - laugh now.mp3
[2011.03.31 23:12:15 | 003,942,528 | -H-- | M] () -- C:\Users\Schade\Everlast - What It's Like.mp3
[2011.03.31 23:10:56 | 002,865,280 | -H-- | M] () -- C:\Users\Schade\White Trash Beautiful.mp3
[2011.03.31 19:27:21 | 003,383,424 | -H-- | M] () -- C:\Users\Schade\Itchy Poopzkid - Why Still Bother.mp3
[2011.03.31 15:21:37 | 003,797,120 | -H-- | M] () -- C:\Users\Schade\Die Atzen feat. Nena - Strobo Pop (Official Video).mp3
[2011.03.31 15:20:51 | 003,704,960 | -H-- | M] () -- C:\Users\Schade\Black Eyed Peas - Just Can't Get Enough.mp3
[2011.03.29 21:33:53 | 004,704,384 | -H-- | M] () -- C:\Users\Schade\Tribute to Michael Jackson The Game.Chris Brown.Diddy.Boyz II Men - Better on the other side.mp3
[2011.03.29 21:28:24 | 004,315,264 | -H-- | M] () -- C:\Users\Schade\Phil Collins - Another Day in Paradise.mp3
[2011.03.29 21:24:50 | 005,826,688 | -H-- | M] () -- C:\Users\Schade\'I Can't Dance' - Genesis 'We can't Dance' - Music Video 1991.mp3
[2011.03.29 21:14:39 | 002,244,736 | -H-- | M] () -- C:\Users\Schade\KoRn - Word Up.mp3
[2011.03.29 21:13:03 | 004,362,368 | -H-- | M] () -- C:\Users\Schade\Korn-Twisted Transistor.mp3
[2011.03.29 20:55:08 | 004,315,264 | -H-- | M] () -- C:\Users\Schade\Richie Kotzen - You Can't Save Me.mp3
[2011.03.29 20:44:39 | 005,781,632 | -H-- | M] () -- C:\Users\Schade\Emil Bulls - Here Comes The Fire.mp3
[2011.03.29 15:39:42 | 000,001,037 | -H-- | M] () -- C:\Users\Schade\Desktop\DVDVideoSoft Free Studio.lnk
[2011.03.29 15:39:20 | 000,001,196 | -H-- | M] () -- C:\Users\Schade\Desktop\Free YouTube to MP3 Converter.lnk
[2011.03.27 12:54:42 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.22 18:32:03 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011.04.22 18:31:57 | 000,001,881 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.04.13 18:24:02 | 004,352,128 | -H-- | C] () -- C:\Users\Schade\Documents\BIZZY MONTANA & BUSHIDO - TRÄNE AUS BLUT.mp3
[2011.04.11 18:07:59 | 002,803,840 | -H-- | C] () -- C:\Users\Schade\Tut mir leid. ich bin betrunken.mp3
[2011.04.11 18:07:27 | 004,284,544 | -H-- | C] () -- C:\Users\Schade\Atze Bauer - Ich trink ein Bier auf Hartz4.mp3
[2011.04.11 18:03:57 | 002,775,168 | -H-- | C] () -- C:\Users\Schade\Gruppensex im Altersheim-Die 3 Besoffskis.mp3
[2011.04.09 16:45:24 | 000,340,096 | -H-- | C] () -- C:\Users\Schade\FC Bayern München - 's Leben is wia a Traum - Torhymne.mp3
[2011.04.09 16:44:27 | 002,734,208 | -H-- | C] () -- C:\Users\Schade\Rockin Beatz - Robery.mp3
[2011.04.08 16:23:45 | 001,403,008 | -H-- | C] () -- C:\Users\Schade\Documents\the viking song lyrics.mp3
[2011.04.07 22:36:33 | 006,957,056 | -H-- | C] () -- C:\Users\Schade\Kool Savas 'Feuer' feat. Amar. Caput. Ercandize & Mottaman aka. Moe Mitchell (Official HQ Video)_1.mp3
[2011.04.07 22:36:33 | 006,957,056 | -H-- | C] () -- C:\Users\Schade\Kool Savas 'Feuer' feat. Amar. Caput. Ercandize & Mottaman aka. Moe Mitchell (Official HQ Video).mp3
[2011.04.07 22:36:33 | 003,047,424 | -H-- | C] () -- C:\Users\Schade\Kool Savas - Krone (Riptor Remix Snippet).mp3
[2011.04.07 22:36:32 | 010,813,440 | -H-- | C] () -- C:\Users\Schade\Kool Savas 'Der Beweis 2- Mammut RMX' (Official HQ Video)_1.mp3
[2011.04.07 22:36:32 | 003,047,424 | -H-- | C] () -- C:\Users\Schade\Kool Savas - Krone (Riptor Remix Snippet)_1.mp3
[2011.04.06 14:20:24 | 004,493,440 | -H-- | C] () -- C:\Users\Schade\Serj Tankian-Baby with lyrics.mp3
[2011.04.06 14:17:55 | 003,539,072 | -H-- | C] () -- C:\Users\Schade\Motörhead - Ace of Spades.mp3
[2011.04.05 22:58:02 | 004,530,304 | -H-- | C] () -- C:\Users\Schade\System Of A Down - Toxicity-Official Video.mp3
[2011.04.05 22:56:40 | 003,438,720 | -H-- | C] () -- C:\Users\Schade\Serj Tankian 'Empty Walls' (Lyrics Video).mp3
[2011.04.05 22:51:54 | 002,474,112 | -H-- | C] () -- C:\Users\Schade\Serj Tankian - Sky Is Over (Alt Video).mp3
[2011.04.05 22:49:28 | 003,684,480 | -H-- | C] () -- C:\Users\Schade\System of a down Chop suey! Lyrics.mp3
[2011.04.05 18:11:11 | 003,446,912 | -H-- | C] () -- C:\Users\Schade\Jason DeRulo- 'What If' - Official Video.mp3
[2011.04.05 16:04:22 | 003,977,344 | -H-- | C] () -- C:\Users\Schade\Dendemann - Stumpf ist Trumpf 3.0.mp3
[2011.04.03 18:01:56 | 000,000,104 | -H-- | C] () -- C:\Users\Schade\Desktop\Papierkorb - Verknüpfung.lnk
[2011.04.02 13:01:00 | 004,335,744 | -H-- | C] () -- C:\Users\Schade\Rihanna - S&M official music video.mp3
[2011.04.02 12:56:26 | 004,225,152 | -H-- | C] () -- C:\Users\Schade\Rihanna feat. Drake - What's my Name.mp3
[2011.04.01 19:35:55 | 005,957,760 | -H-- | C] () -- C:\Users\Schade\Friesenjung.mp3
[2011.03.31 23:12:32 | 003,479,680 | -H-- | C] () -- C:\Users\Schade\cypress hill ft everlast - laugh now.mp3
[2011.03.31 23:11:55 | 003,942,528 | -H-- | C] () -- C:\Users\Schade\Everlast - What It's Like.mp3
[2011.03.31 23:10:40 | 002,865,280 | -H-- | C] () -- C:\Users\Schade\White Trash Beautiful.mp3
[2011.03.31 19:27:02 | 003,383,424 | -H-- | C] () -- C:\Users\Schade\Itchy Poopzkid - Why Still Bother.mp3
[2011.03.31 15:21:21 | 003,797,120 | -H-- | C] () -- C:\Users\Schade\Die Atzen feat. Nena - Strobo Pop (Official Video).mp3
[2011.03.31 15:20:29 | 003,704,960 | -H-- | C] () -- C:\Users\Schade\Black Eyed Peas - Just Can't Get Enough.mp3
[2011.03.30 12:43:11 | 005,781,632 | -H-- | C] () -- C:\Users\Schade\Emil Bulls - Here Comes The Fire.mp3
[2011.03.30 12:40:13 | 004,704,384 | -H-- | C] () -- C:\Users\Schade\Tribute to Michael Jackson The Game.Chris Brown.Diddy.Boyz II Men - Better on the other side.mp3
[2011.03.30 12:40:00 | 004,315,264 | -H-- | C] () -- C:\Users\Schade\Phil Collins - Another Day in Paradise.mp3
[2011.03.30 12:39:51 | 005,826,688 | -H-- | C] () -- C:\Users\Schade\'I Can't Dance' - Genesis 'We can't Dance' - Music Video 1991.mp3
[2011.03.30 12:39:38 | 002,244,736 | -H-- | C] () -- C:\Users\Schade\KoRn - Word Up.mp3
[2011.03.30 12:39:22 | 004,362,368 | -H-- | C] () -- C:\Users\Schade\Korn-Twisted Transistor.mp3
[2011.03.30 12:36:54 | 004,315,264 | -H-- | C] () -- C:\Users\Schade\Richie Kotzen - You Can't Save Me.mp3
[2011.03.29 15:39:20 | 000,001,196 | -H-- | C] () -- C:\Users\Schade\Desktop\Free YouTube to MP3 Converter.lnk
[2010.09.14 16:52:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.14 12:59:07 | 000,000,265 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.04.27 19:25:54 | 000,000,680 | -H-- | C] () -- C:\Users\Schade\AppData\Local\d3d9caps.dat
[2010.02.02 17:07:59 | 000,017,089 | -H-- | C] () -- C:\Users\Schade\AppData\Roaming\UserTile.png
[2009.09.24 13:13:34 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.09.24 13:13:34 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.09.24 13:13:34 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.09.24 13:13:34 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.09.24 13:13:34 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.09.24 13:13:34 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.09.24 13:13:34 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.09.24 13:13:34 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.09.24 13:13:34 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.09.24 13:13:34 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.09.24 13:13:34 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.09.24 13:13:34 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.09.24 13:13:34 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.09.24 13:13:34 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.09.24 13:13:34 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.09.24 13:13:34 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.09.24 13:13:34 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.09.24 13:13:34 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.09.24 13:13:34 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.09.24 13:08:51 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2009.09.04 15:37:45 | 000,055,296 | -H-- | C] () -- C:\Users\Schade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.03 15:04:21 | 000,000,116 | -H-- | C] () -- C:\Users\Schade\AppData\Roaming\wklnhst.dat
[2009.07.16 12:50:09 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.07.16 12:23:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.16 12:21:03 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.07.16 12:21:03 | 000,184,751 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.07.16 12:21:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.07.16 12:21:03 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.06.16 14:03:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\dossec.dll
[2009.06.09 11:02:11 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2009.06.09 10:59:07 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.06.09 09:31:39 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.09 09:31:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.09.02 02:32:38 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2008.01.21 09:15:58 | 000,618,442 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,303,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2010.08.11 14:49:37 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\8193B4DD639C3A01591850473B0335B6
[2010.04.27 21:04:23 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Desktopicon
[2011.03.29 15:39:35 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.01.25 15:01:48 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\EPSON
[2009.09.15 20:54:14 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Farm Mania
[2011.04.23 14:16:32 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Free Download Manager
[2009.09.16 22:12:13 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\funkitron
[2011.04.23 13:57:46 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\ICQ
[2011.04.09 20:17:51 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\kikin
[2010.09.14 18:01:48 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\LolClient
[2010.08.08 19:34:41 | 000,000,000 | -HSD | M] -- C:\Users\Schade\AppData\Roaming\lowsec
[2009.09.02 19:56:31 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\myphotobook
[2011.01.18 17:20:58 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Netlib
[2010.09.27 20:15:02 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\OCS
[2009.11.08 17:54:48 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\OpenCandy
[2010.09.27 20:15:12 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Opera
[2010.04.27 19:54:40 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Oshe
[2010.02.02 17:07:59 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\PeerNetworking
[2009.09.15 19:46:04 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\PlayFirst
[2009.10.07 16:32:52 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Qlikworld
[2011.04.23 13:37:49 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Software Informer
[2010.09.14 16:41:24 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\TeamViewer
[2011.03.12 00:25:19 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\temp
[2009.09.03 15:04:34 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Template
[2009.09.18 18:28:35 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\toshiba
[2011.04.22 18:32:01 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Uniblue
[2009.09.02 19:32:24 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\WildTangent
[2009.09.16 22:18:38 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\WildTangentv1001
[2010.04.27 20:09:40 | 000,000,000 | -H-D | M] -- C:\Users\Schade\AppData\Roaming\Xoeqas
[2010.07.15 01:00:00 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2010.12.01 02:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011.04.23 13:59:00 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011.04.23 13:57:54 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
|
26.04.2011, 15:24
| #5 |
| | kritischer fehler beschädigte festplatte-cluster OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.04.2011 14:09:04 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Schade\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 33,83 Gb Free Space | 22,70% Space Free | Partition Type: NTFS
Drive E: | 147,58 Gb Total Space | 122,78 Gb Free Space | 83,20% Space Free | Partition Type: NTFS
Computer Name: SCHADE-PC | User Name: Schade | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 4.0 Beta 2\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{61775BC4-38E0-4A53-88AB-EAAFE7AEBA0B}" = lport=6927 | protocol=17 | dir=in | name=league of legends launcher |
"{C2BE2F6E-20D4-43FF-B325-7FC5F0F084A2}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
"{C915E351-8501-4797-AC26-A8ADC0C824FA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DCA58AB9-9D10-4221-B255-CBCA5E4140B7}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{E4EF4DAD-8AB3-4C2B-B4C3-47F7E14F0A31}" = lport=6927 | protocol=6 | dir=in | name=league of legends launcher |
"{F67D2A91-DEED-42C2-8716-4568BAF8F252}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C4C531E-5A38-4CC7-8121-10AF226E528E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{0D392AF4-E02D-4840-9748-95279A89D034}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2B146739-DF9E-4C5A-B5A4-0EBD3B315B0F}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2D060A44-632C-46C0-BAB0-602D46024AC5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{35AC780A-92E0-4DCE-96D3-9000463083A3}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4000F345-2841-4895-B3D0-CDD23BF2C8BA}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{411EB9F7-AF80-4730-B795-0C5D3333DA87}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{4250C3D3-6568-4795-B0B7-5ADAB1675D80}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{447678BD-45EC-4CA7-A7CE-4D6CF4D4A72E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{466652EE-3FC6-4E3E-97B3-1615095597F9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4A04C791-99C3-4341-900A-BC7750A5F616}" = protocol=17 | dir=in | app=c:\programdata\sweetim\messenger\update\sweetimsetup.exe |
"{602B6B47-A94B-4504-9D36-E5E810273600}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{61757678-A1CE-4CA3-8EA0-B140FBC73453}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{6462CDF5-4097-4F5D-9726-70242C2FD69C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{697ABD74-B0EF-475D-8629-3F56C9190C06}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6D815E91-AE8A-4DAB-AEE2-66B2C3FFDB6C}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{76E16E04-8DFF-4C27-A0BF-03C6BE3E78D2}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{7E8D4524-D0CF-432F-9BA9-C4D751458D44}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{8838F780-5120-4BE4-8090-8D9C2967D97C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8AE27E01-94D9-43BB-B798-26629F8CF4BC}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{948B9E71-7A04-4B2F-8CB9-A0606E07DCB7}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{953DDD71-306D-464B-80E3-2EBE03CA6AF7}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A0BC871B-90A6-47B2-92F7-D8D9DC16F5B8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A6E11990-DD20-4AA7-A990-53F0A953E212}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{AEC65406-E64B-40C1-AF36-C618F4696AD6}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{B22188CE-7E8A-4F22-A2A8-BD97CF173EB0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B84B8422-7F3C-4D0B-BF2D-C1FBB690427B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\techland\call of juarez - bound in blood\cojbibgame_x86.exe |
"{B8C8DBE5-A08E-41A0-8EBD-360346214769}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B92B9ADC-AAEF-4BBE-901E-5D7E3B28C357}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{BB29B7B7-97EB-41F2-9DC0-B226E980DCD4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\techland\call of juarez - bound in blood\cojbibgame_x86.exe |
"{C2ED0242-8BF5-4319-8B94-A6D4C84AA1A1}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C7A009DD-8AC5-4DE8-A897-E8E0F331D55F}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{CEDE0C71-E29E-4172-BABF-8A72984A3140}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{CEE01B33-B28A-43B3-88F6-74C33AB988E4}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{CFF5E7CF-3B0B-493E-B161-04E072010DE6}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D005580C-DA13-4C0D-83F5-2ECF9F8830B3}" = protocol=6 | dir=in | app=c:\programdata\sweetim\messenger\update\sweetimsetup.exe |
"{D36FEAC9-BD87-49D4-84B1-09450D20C291}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D6EACFF5-FA40-4752-95CE-8C45F1E044E4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{DF67AFC2-26F8-4FAB-8EDA-DC621147037C}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{E6F10124-DD58-409A-9168-F69BCEDBEBEE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E75F7111-8D08-4E3F-B1B9-084188F6124D}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{E7B7C0B5-E450-49B6-8F58-AC77063CD053}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{E95216C3-CDFE-4105-B6FD-0D40523608F8}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{EAFDED29-148C-4DDF-8726-0A284BDF4E30}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{ED4B7791-4260-4AF3-AD0D-896909CD93C4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{F40B738D-247B-4886-A24B-0908F6126B48}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06223EA1-8977-4A44-B2AB-30FD78B7DCC1}" = CCC Help Thai
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0CF37D58-38A8-E03F-8DD8-B01B55C09615}" = CCC Help English
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{16393B5A-43A8-434B-B22A-0724581F7873}" = GameShadow
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21
"{27349465-3521-8214-5311-286D806C86C3}" = CCC Help Dutch
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{32762866-8C6E-437E-1E79-4506FEB7323A}" = Catalyst Control Center Graphics Full Existing
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CAF2B2D-0DA3-7BD6-6701-E3D71992DB78}" = Catalyst Control Center Localization All
"{3D0DC563-4C99-4AB1-8C22-514940666938}" = Catalyst Control Center - Branding
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4324E4DD-C67C-A413-5C12-5DC694A99AF6}" = ATI Catalyst Install Manager
"{45633D5F-76CE-B1D7-325B-A3F329AA99DB}" = Catalyst Control Center InstallProxy
"{4786E500-4FA0-C30F-D4E8-0E3D70D86227}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F147AEF-790D-DBE2-5830-94D90C02AC24}" = Catalyst Control Center Graphics Full New
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{5985DD7D-67F4-DD15-8589-B3F43C4A111D}" = CCC Help Chinese Traditional
"{5D264375-3E92-7D10-F219-3536F5BAE7BA}" = CCC Help Japanese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F98C4EE-879F-232C-3F44-0BBFAB6A29D4}" = CCC Help Polish
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61F8A9EC-5CB4-0001-FF88-C469156BA14C}" = CCC Help German
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67830C2E-0345-7CE7-3829-8AB3D34E3AEB}" = CCC Help Turkish
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6A9B4C2D-E651-6DD7-EC1D-AF331F250AB8}" = ccc-core-static
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DEEDB89-D449-B985-4E0E-91D45AF66DFF}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7513A376-16F0-7E53-5CA1-7DA10A6216BC}" = CCC Help Danish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C30283C-8DC7-4FBB-805E-52BEA5F580E8}" = Toshiba TEMPRO
"{811EF3A7-0861-0B8F-5432-3052E8230DC0}" = Catalyst Control Center Graphics Light
"{8259E348-50E8-A3C8-52B8-699DFDD31BA8}" = CCC Help Finnish
"{85E4952C-8C85-A58D-B9D9-783D1FADB775}" = Skins
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8921F4ED-A696-D629-45E6-45A43A0F4FF0}" = CCC Help Czech
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98C70B57-4930-7088-22F4-93FC196938D0}" = CCC Help Chinese Standard
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6137721-B2D0-1DAF-0B19-12AB0D065C45}" = Catalyst Control Center Core Implementation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC1A4255-0EC8-585B-2D1A-8306C07F2B91}" = CCC Help Hungarian
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEE65D6C-EDF4-B3E1-00CD-B17A6FC6BC6A}" = CCC Help Italian
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F119C0-6886-A250-BF18-3ABEAA26F6A5}" = CCC Help Korean
"{BF5EE349-90CD-4422-A43B-661778180173}" = MP3 Player
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFE1AA90-5B5E-4907-95E6-F55923555B16}" = Bigben PC controller
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DB64C016-1705-36E9-1AEA-C2D4738BDE9A}" = CCC Help Norwegian
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DE2E45A2-31B1-7D26-2701-B1244763DE10}" = CCC Help Portuguese
"{E16087F4-3CE3-B644-A5F5-503F55F34CC0}" = CCC Help Russian
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin 2.5
"{E4FD13E2-1638-A5B8-E28A-54D39F13D747}" = Catalyst Control Center Graphics Previews Vista
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E4A500-34B5-E8B7-FC2C-3726A0577AAD}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F34009E9-6EA5-F0D2-4D7D-A9CE421908B6}" = CCC Help Greek
"{F69114BE-EFDC-C756-1B38-ABD1E4873113}" = ccc-utility
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"CX4300_5500_DX4400 Handbuch" = CX4300_5500_DX4400 Handbuch
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EA Installer.1475696318" = EA Installer
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Disk Creator Reminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}" = Call of Juarez - Bound in Blood
"KaloMa_is1" = KaloMa 4.76
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"MSC" = McAfee SecurityCenter
"myphotobook" = myphotobook 3.65
"OpenAL" = OpenAL
"Picasa2" = Picasa 2
"PokerStars.net" = PokerStars.net
"SearchAnonymizer" = SearchAnonymizer
"Software Informer_is1" = Software Informer 1.0 BETA
"SopCast" = SopCast 3.2.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.17
"Veoh Web Player Beta" = Veoh Web Player
"vShare" = vShare Plugin
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.02.2010 15:42:21 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.02.2010 16:12:22 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.02.2010 07:24:57 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.02.2010 08:23:05 | Computer Name = Schade-PC | Source = Google Update | ID = 20
Description =
Error - 20.02.2010 09:23:05 | Computer Name = Schade-PC | Source = Google Update | ID = 20
Description =
Error - 20.02.2010 15:48:43 | Computer Name = Schade-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Steam.exe, Version 1.0.0.0, Zeitstempel 0x4aaadaf8,
fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18000, Zeitstempel 0x4791a7a6, Ausnahmecode
0xc0000005, Fehleroffset 0x0003d13a, Prozess-ID 0x10e8, Anwendungsstartzeit 01cab2659ee646f8.
Error - 20.02.2010 15:49:24 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.02.2010 16:23:06 | Computer Name = Schade-PC | Source = Google Update | ID = 20
Description =
Error - 21.02.2010 01:26:13 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.02.2010 04:36:39 | Computer Name = Schade-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 19.02.2011 00:00:37 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (7816.1128)
Error - 19.02.2011 00:00:37 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (7816.1129)
Error - 24.02.2011 06:37:27 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (7204.1128)
Error - 24.02.2011 06:37:27 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (7204.1129)
Error - 29.03.2011 10:50:20 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (7364.1128)
Error - 29.03.2011 10:50:20 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (7364.1129)
Error - 13.04.2011 00:04:54 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (8068.1128)
Error - 13.04.2011 00:04:54 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (8068.1129)
Error - 16.04.2011 10:24:08 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Fehler beim Herstellen der Internetverbindung. (3616.1128)
Error - 16.04.2011 10:24:08 | Computer Name = Schade-PC | Source = MCUpdate | ID = 0
Description = Serververbindung konnte nicht hergestellt werden.. (3616.1129)
[ System Events ]
Error - 22.04.2011 12:04:22 | Computer Name = Schade-PC | Source = HTTP | ID = 15016
Description =
Error - 22.04.2011 12:06:03 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.04.2011 12:06:03 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22.04.2011 12:53:49 | Computer Name = Schade-PC | Source = HTTP | ID = 15016
Description =
Error - 22.04.2011 12:55:29 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.04.2011 12:55:29 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.04.2011 07:58:48 | Computer Name = Schade-PC | Source = HTTP | ID = 15016
Description =
Error - 23.04.2011 08:00:29 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.04.2011 08:00:29 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.04.2011 08:04:05 | Computer Name = Schade-PC | Source = Service Control Manager | ID = 7022
Description =
< End of report >
Geändert von schadinho7 (26.04.2011 um 15:34 Uhr) |
|
26.04.2011, 15:35
| #6 |
| | kritischer fehler beschädigte festplatte-cluster ich hoffe das ich alles richtig gemacht habe... |
|
26.04.2011, 17:44
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | kritischer fehler beschädigte festplatte-cluster Wieder ein Paradebeispiel dafür, wie unsinnig bis kontraproduktiv mehrere Virenscanner sind: Du hast McAfee und AntiVir installiert. Dennoch hast du die Pest im System. Eigentlich müsste man sagen "gerade deswegen" weil Virenscanner wie AntiVir und McAfee gleichzeitig installiert sich eher behindern. Viel hilft viel ist hier genau falsch. Deinstallier erstmal beide Virenscanner, die behindern jetzt eher als dass sie was nützen und die Infektion ist eh da und muss erstmal beseitigt werden. Mach nach den Deinstallationen einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O4 - HKCU..\Run: [Tquvebinurifuc] File not found
O4 - HKCU..\Run: [vaxvsj] File not found
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [GoWNKtoBbTfMqRQ] C:\ProgramData\GoWNKtoBbTfMqRQ.exe (WinTrust)
O4 - HKCU..\Run: [hsf87efjhdsf87f3jfsdi7fhsujfd] File not found
O4 - HKCU..\Run: [hsf87sdhfush87fsufhuie3fddf] File not found
O4 - HKCU..\Run: [mcexecwin] File not found
O4 - HKCU..\Run: [{9B7D3089-B3BB-4C36-5524-530154E3137A}] File not found
O4 - HKCU..\Run: [79887948] File not found
O4 - HKCU..\Run: [cskcomka,] File not found
O4 - HKCU..\Run: [cskcomka«] File not found
O4 - HKCU..\Run: [cskcomka‡] File not found
O4 - HKCU..\Run: [cskcomka] File not found
O4 - HKCU..\Run: [cskcomka] File not found
O4 - HKCU..\Run: [cskcomka¾] File not found
O4 - HKCU..\Run: [cskcomka4] File not found
O4 - HKCU..\Run: [cskcomkañ] File not found
O4 - HKCU..\Run: [cskcomkaù] File not found
O4 - HKCU..\Run: [EA Core] File not found
:Files
C:\ProgramData\*.exe
C:\Users\Schade\AppData\Roaming\8*
C:\Users\Schade\AppData\Roaming\lowsec
C:\Users\Schade\AppData\Roaming\Xoeqas
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.04.2011, 18:18
| #8 |
| | kritischer fehler beschädigte festplatte-cluster ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Tquvebinurifuc not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\vaxvsj deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoWNKtoBbTfMqRQ not found. File C:\ProgramData\GoWNKtoBbTfMqRQ.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\hsf87efjhdsf87f3jfsdi7fhsujfd not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\hsf87sdhfush87fsufhuie3fddf not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\mcexecwin not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{9B7D3089-B3BB-4C36-5524-530154E3137A} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9B7D3089-B3BB-4C36-5524-530154E3137A}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\79887948 not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka, deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka« deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka‡ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka¾ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomka4 deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomkañ deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cskcomkaù deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully. ========== FILES ========== C:\ProgramData\43441928.exe moved successfully. C:\ProgramData\sFGtypQnwU.exe moved successfully. C:\Users\Schade\AppData\Roaming\8193B4DD639C3A01591850473B0335B6 folder moved successfully. C:\Users\Schade\AppData\Roaming\lowsec folder moved successfully. C:\Users\Schade\AppData\Roaming\Xoeqas folder moved successfully. OTL by OldTimer - Version 3.2.22.3 log created on 04262011_191730 |
|
26.04.2011, 18:53
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | kritischer fehler beschädigte festplatte-cluster Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.04.2011, 19:45
| #10 |
| | kritischer fehler beschädigte festplatte-cluster meine daten sind jetzt wieder sichtbar ,aber tdsskliller lässt sich nicht öffnen! was nun ? Geändert von schadinho7 (26.04.2011 um 19:55 Uhr) |
|
27.04.2011, 09:21
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | kritischer fehler beschädigte festplatte-cluster Dann bitte jetzt CF ausführen, probier den TDSS-Killer danach nochmal aus. ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.04.2011, 19:21
| #12 |
| | kritischer fehler beschädigte festplatte-cluster Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6447 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.19048 28.04.2011 20:20:49 mbam-log-2011-04-28 (20-20-49).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 142046 Laufzeit: 2 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
28.04.2011, 20:03
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | kritischer fehler beschädigte festplatte-cluster Hast du dich irgendwie im Log geirrt? 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.04.2011, 21:32
| #14 |
| | kritischer fehler beschädigte festplatte-cluster ne hab ich nicht  mein laptop läuft wieder.ich hoffe das bleibt jez auch so  |
|
29.04.2011, 09:59
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | kritischer fehler beschädigte festplatte-cluster Sry aber wir sind noch nicht fertig. Und du hast ein völlig andere Log gepostet als ich sehen wollte.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu kritischer fehler beschädigte festplatte-cluster |
| beschädigte, beschädigte festplatte-cluster, bilder, brauch, fehler, kritischer, kritischer fehler, musik, nachricht, nicht mehr, pcs, verloren, vieles, öffen |
Linear-Darstellung
