Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


Plagegeister aller Art und deren Bekämpfung: WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.04.2011, 09:43   #1
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


Vor 2 Tagen hatte ich bereits Probleme mit meinem Laptop und jetzt sind die Symptome wieder die gleichen. Desktop schwarz, Dateien (Bilder, Musik etc.) sind wieder unsichtbar. Jetzt wurde mir unten rechts " Kritischer Fehler. Fehler der Festplatte RAM-Speicher. Nutzung ist kritisch hoch. RAM-Speicher gescheitert. Desweiterenn ist ein kleines Fenster von Microsoft Windows geöffnet. Da steht: "WTR Loader funktioniert nicht mehr. Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist."
Auf den "Programm schließen"- Button habe ich noch nicht gedrückt.
Gestern hatte ich auch das Problem, dass im Hintergrund zwischenzeitlich Werbemusik zu hören war, obwohl nichts geöffnert war. Nach einem Neustart war es dann weg und der Malware-Scan hatte mir auch keine Probleme angezeigt. Ich mache grade einen neuen Scan. Dauert nur leider immer arg lang. Poste ich dann gleich. Wie kann ich den Scan posten, ohne den Text in einer Zip-Datei als Anhang hier rein zu stellen?

Alt 24.04.2011, 11:09   #2
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


da malware nach 90 minuten immernoch nicht beim windows-ordner angekommen ist und schon 7 infizierte objekte gefunden wurden, würde mich mal interessieren wie man sich vor so einem mist schützen kann. es geht ja nicht, dass ich alle 2 tage diese probleme habe und 5 stunden damit verbringe die scans durchzuführen und hochlade
__________________
Alt 24.04.2011, 11:57   #3
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


hier die log daten von malware:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6420

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

24.04.2011 12:56:39
mbam-log-2011-04-24 (12-56-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 311148
Laufzeit: 2 Stunde(n), 29 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\programdata\iceyochtffau.exe (Trojan.FakeAlert) -> 1052 -> Failed to unload process.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iCEyocHtffAu (Trojan.FakeAlert) -> Value: iCEyocHtffAu -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\iceyochtffau.exe (Trojan.FakeAlert) -> Delete on reboot.
c:\programdata\40623880.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\agent zero\AppData\Local\Temp\0.1402520279204128.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\agent zero\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\agent zero\AppData\LocalLow\Sun\Java\deployment\cache\6.0\8\4f49f348-7ee84e60 (Trojan.FakeAlert) -> Quarantined and deleted successfully.



jetzt zeigt mir malware an, dass bestimmte dateien nicht entfernt werden konnten.
muss ich noch einen scan mit otl machen?
__________________
Alt 24.04.2011, 12:35   #4
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


otlOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.04.2011 13:14:47 - Run 4
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Agent Zero\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.015,00 Mb Total Physical Memory | 284,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,43 Gb Total Space | 45,58 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive D: | 7,80 Gb Total Space | 0,74 Gb Free Space | 9,49% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,32 Gb Free Space | 84,86% Space Free | Partition Type: NTFS
 
Computer Name: GEENA-PC | User Name: Agent Zero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Agent Zero\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Join Air\AssistantServices.exe ()
PRC - C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\WINDOWS\SMINST\Scheduler.exe ()
PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)
PRC - C:\WINDOWS\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM GmbH Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Agent Zero\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) --  File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (UI Assistant Service) -- C:\Programme\Join Air\AssistantServices.exe ()
SRV - (PCToolsSSDMonitorSvc) -- C:\Programme\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (FLCDLOCK) -- C:\WINDOWS\System32\flcdlock.exe (Hewlett-Packard Ltd)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (AgereModemAudio) -- C:\WINDOWS\System32\agrsmsvc.exe (Agere Systems)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
SRV - (AEADIFilters) -- C:\WINDOWS\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMSwissArmy) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ZTEusbser6k) -- C:\WINDOWS\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (FsUsbExDisk) -- C:\WINDOWS\System32\FsUsbExDisk.Sys ()
DRV - (ui11rdr) -- C:\WINDOWS\System32\drivers\ui11rdr.SYS (1&1 Internet AG)
DRV - (DAMDrv) -- C:\WINDOWS\System32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (eabfiltr) -- C:\WINDOWS\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (TPM) -- C:\WINDOWS\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (R300) -- C:\WINDOWS\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (WimFltr) -- C:\WINDOWS\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (HBtnKey) -- C:\WINDOWS\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (FWLANUSB) -- C:\WINDOWS\System32\drivers\fwlanusb.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=laptop
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\URLSearchHook: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.3\dealioToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 23:07:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 23:07:01 | 000,000,000 | ---D | M]
 
[2008.09.17 09:50:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Extensions
[2011.04.24 13:09:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions
[2009.09.03 13:19:19 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.11 11:53:07 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.07.30 23:04:46 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.05.07 21:22:04 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.02.11 03:09:25 | 000,000,000 | -H-D | M] (vShare) -- C:\Users\Agent Zero\AppData\Roaming\mozilla\Firefox\Profiles\0pmc3l2j.default\extensions\vshare@toolbar
[2010.08.11 12:07:48 | 000,000,881 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\conduit.xml
[2009.11.01 20:46:38 | 000,000,687 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icq-search.xml
[2009.12.21 19:21:51 | 000,000,950 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-1.xml
[2010.01.08 19:50:41 | 000,000,950 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-2.xml
[2010.03.08 18:01:40 | 000,000,961 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-3.xml
[2010.04.02 19:17:15 | 000,000,961 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-4.xml
[2010.04.27 14:23:41 | 000,000,961 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-5.xml
[2010.06.08 13:17:21 | 000,000,961 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin-6.xml
[2010.02.03 14:37:50 | 000,000,947 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Roaming\Mozilla\Firefox\Profiles\0pmc3l2j.default\searchplugins\icqplugin.xml
[2011.02.14 23:52:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.09.15 08:48:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.02.14 23:52:24 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2010.12.17 13:25:11 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.17 13:25:11 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.17 13:25:11 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.17 13:25:11 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.17 13:25:11 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.3\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (MakeItLive Plugin) - {56361A71-4E9F-401D-9E12-8AEAA3D7A672} - C:\Programme\MakeItLive\makeitlive_toolbar.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -  File not found
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.3\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (MakeItLive Plugin) - {56361A71-4E9F-401D-9E12-8AEAA3D7A672} - C:\Programme\MakeItLive\makeitlive_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  File not found
O3 - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Programme\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\Toolbar\WebBrowser: (MakeItLive Plugin) - {56361A71-4E9F-401D-9E12-8AEAA3D7A672} - C:\Programme\MakeItLive\makeitlive_toolbar.dll ()
O3 - HKU\S-1-5-21-1996018015-1197503730-368022858-1008\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM GmbH Berlin)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ST Recovery Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Agent Zero\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Agent Zero\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} -  File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\makeitlivechrome {51472043-0170-45F9-BCCF-19FCFC676D18} - C:\Programme\MakeItLive\makeitlive_toolbar.dll ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Programme\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - DeviceNP.dll - C:\Windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop WallPaper: C:\Users\Agent Zero\Pictures\Unbenannt.jpg
O24 - Desktop BackupWallPaper: C:\Users\Agent Zero\Pictures\Unbenannt.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.22 21:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.22 21:27:17 | 000,000,000 | -H-D | C] -- C:\Users\Agent Zero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.22 21:03:15 | 000,000,000 | -H-D | C] -- C:\_OTL
[2011.04.22 20:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.04.22 20:25:15 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.04.22 17:41:58 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Agent Zero\Desktop\OTL.exe
[2011.04.22 17:23:49 | 000,000,000 | -H-D | C] -- C:\Users\Agent Zero\AppData\Roaming\Malwarebytes
[2011.04.22 17:23:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.22 17:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.22 17:23:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.04.22 17:23:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.22 15:35:05 | 000,000,000 | -H-D | C] -- C:\Users\Agent Zero\AppData\Roaming\Avira
[2011.04.14 10:09:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.04.13 14:11:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.13 14:10:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.13 14:10:46 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.13 14:10:46 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.13 14:10:46 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.13 14:10:45 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.13 14:10:44 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.13 14:10:44 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.13 14:10:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.13 14:10:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.13 14:10:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.13 14:10:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.13 14:10:42 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.13 14:10:42 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.13 14:10:42 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.13 14:10:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.13 14:10:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.13 14:10:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.13 14:10:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.13 14:10:30 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.13 14:10:29 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.13 14:10:18 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.13 14:10:09 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.13 14:09:56 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.13 14:09:56 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.03 00:11:51 | 000,000,000 | -H-D | C] -- C:\Users\Agent Zero\Documents\schule
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.24 13:18:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4558F31D-3F71-4684-AD34-C18780750A27}.job
[2011.04.24 13:12:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Agent Zero\Desktop\OTL.exe
[2011.04.24 13:05:33 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 13:05:32 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.24 13:05:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.24 13:05:10 | 1062,547,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.24 13:01:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.24 12:35:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1996018015-1197503730-368022858-1006UA.job
[2011.04.24 11:35:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1996018015-1197503730-368022858-1006Core.job
[2011.04.23 16:36:38 | 000,696,626 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.23 16:36:38 | 000,651,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.23 16:36:38 | 000,155,102 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.23 16:36:38 | 000,126,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.23 16:34:17 | 000,211,456 | -H-- | M] () -- C:\Users\Agent Zero\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.22 17:23:36 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.19 22:20:08 | 000,009,179 | -HS- | M] () -- C:\Users\Agent Zero\Documents\Folder.jpg
[2011.04.19 22:20:08 | 000,002,441 | -HS- | M] () -- C:\Users\Agent Zero\Documents\AlbumArtSmall.jpg
[2011.04.19 21:55:13 | 006,979,712 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Fedde Le Grand & Patric La Funk - Autosave.mp3
[2011.04.19 21:51:54 | 004,499,584 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Laidback Luke feat. Jonathan Mendelsohn - Timebomb.mp3
[2011.04.19 21:14:18 | 002,664,576 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Black Eyed Peas - Just Cant Get Enough _ Switch-Up ( Techno-Dance-Remix ).mp3
[2011.04.19 21:12:03 | 003,592,320 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Dj Antoine vs Timati feat. Kalenna - Welcome to St. Tropez (DJ Antoine vs Mad Mark Remix).mp3
[2011.04.19 21:10:57 | 002,726,016 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Black eyed peas - can't get enough ( Switch up extended by D-Noizz ).mp3
[2011.04.17 20:14:39 | 000,254,443 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\sammlung.jpg
[2011.04.17 14:52:28 | 566,946,696 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\dm_110316_nba_theassociation_576x432.avi
[2011.04.17 14:52:26 | 566,665,350 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\dm_110225_theassociation_ep3_576x432.avi
[2011.04.17 14:52:21 | 100,177,936 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\Coldplay - Viva La Vida - Live (BBC Concert) HD 1280 x 720p -1.avi
[2011.04.17 14:31:17 | 000,313,572 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\pacmanj.jpg
[2011.04.17 14:14:28 | 000,220,295 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\Air Force.jpg
[2011.04.14 18:19:43 | 000,423,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.10 15:34:26 | 003,614,848 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Sunrise Avenue - Hollywood Hills.mp3
[2011.04.10 15:32:44 | 004,864,128 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Silbermond - Symphonie.mp3
[2011.04.06 21:08:56 | 003,516,544 | -H-- | M] () -- C:\Users\Agent Zero\Documents\Daft Punk Tron Legacy soundtrack - Derezzed.mp3
[2011.04.02 22:03:58 | 000,148,514 | -H-- | M] () -- C:\Users\Agent Zero\Desktop\Hagen Artikel.pdf
 
========== Files Created - No Company Name ==========
 
[2011.04.22 17:23:36 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.19 21:53:35 | 006,979,712 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Fedde Le Grand & Patric La Funk - Autosave.mp3
[2011.04.19 21:50:45 | 004,499,584 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Laidback Luke feat. Jonathan Mendelsohn - Timebomb.mp3
[2011.04.19 21:12:47 | 002,664,576 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Black Eyed Peas - Just Cant Get Enough _ Switch-Up ( Techno-Dance-Remix ).mp3
[2011.04.19 21:11:13 | 003,592,320 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Dj Antoine vs Timati feat. Kalenna - Welcome to St. Tropez (DJ Antoine vs Mad Mark Remix).mp3
[2011.04.19 21:09:59 | 002,726,016 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Black eyed peas - can't get enough ( Switch up extended by D-Noizz ).mp3
[2011.04.17 20:14:28 | 000,254,443 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\sammlung.jpg
[2011.04.17 14:45:32 | 000,238,455 | -H-- | C] () -- C:\Users\Agent Zero\Documents\01.png
[2011.04.17 14:44:48 | 000,219,848 | -H-- | C] () -- C:\Users\Agent Zero\Documents\3472544521_383641b7b6_o.jpg
[2011.04.17 14:31:14 | 000,313,572 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\pacmanj.jpg
[2011.04.17 14:14:27 | 000,220,295 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\Air Force.jpg
[2011.04.17 13:24:47 | 566,946,696 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\dm_110316_nba_theassociation_576x432.avi
[2011.04.17 13:09:36 | 566,665,350 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\dm_110225_theassociation_ep3_576x432.avi
[2011.04.17 13:05:34 | 100,177,936 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\Coldplay - Viva La Vida - Live (BBC Concert) HD 1280 x 720p -1.avi
[2011.04.10 15:33:48 | 003,614,848 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Sunrise Avenue - Hollywood Hills.mp3
[2011.04.10 15:32:05 | 004,864,128 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Silbermond - Symphonie.mp3
[2011.04.06 21:13:43 | 005,423,930 | -H-- | C] () -- C:\Users\Agent Zero\Documents\09-don_omar-virtual_diva.mp3
[2011.04.06 21:11:07 | 005,913,833 | -H-- | C] () -- C:\Users\Agent Zero\Documents\The Fast and The Furious Soundtracks- Night Rave.mp3
[2011.04.06 21:10:32 | 006,288,616 | -H-- | C] () -- C:\Users\Agent Zero\Documents\The Fast and The Furious Soundtracks- Race Wars.mp3
[2011.04.06 21:10:19 | 005,562,093 | -H-- | C] () -- C:\Users\Agent Zero\Documents\The Fast and the Furious Soundtracks- Speed of Light.mp3
[2011.04.06 21:08:06 | 003,516,544 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Daft Punk Tron Legacy soundtrack - Derezzed.mp3
[2011.04.06 20:54:57 | 003,561,600 | -H-- | C] () -- C:\Users\Agent Zero\Documents\nelly furtado - night is young.mp3
[2011.04.06 20:53:43 | 006,973,568 | -H-- | C] () -- C:\Users\Agent Zero\Documents\Visitor 'Los Feeling' Alan Braxe Remix.mp3
[2011.04.02 23:50:43 | 000,148,514 | -H-- | C] () -- C:\Users\Agent Zero\Desktop\Hagen Artikel.pdf
[2010.12.18 18:30:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.12.18 18:30:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.12.11 17:20:13 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.12.11 17:20:13 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.12.11 17:19:22 | 000,002,528 | -H-- | C] () -- C:\Users\Agent Zero\AppData\Roaming\$_hpcst$.hpc
[2010.01.05 02:26:35 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.01.05 02:26:24 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.01.05 02:26:24 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.01.05 02:26:24 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.01.05 02:26:19 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.09.14 19:17:18 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.05.09 18:39:29 | 000,008,530 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008.11.30 12:17:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.09.23 18:59:52 | 000,211,456 | -H-- | C] () -- C:\Users\Agent Zero\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.07.24 09:18:58 | 000,028,672 | ---- | C] () -- C:\Windows\System32\qttask.exe
[2008.07.13 14:25:53 | 000,097,388 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2008.07.12 23:29:25 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.07.12 23:29:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.07.12 23:29:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.07.12 23:29:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.07.12 23:29:25 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.07.12 23:29:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.08.24 14:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007.08.24 14:38:54 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.08.24 14:38:54 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007.08.24 14:28:04 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007.06.08 10:05:38 | 000,274,432 | ---- | C] () -- C:\Windows\System32\flcdlmsg.dll
[2006.11.09 18:42:33 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2006.11.09 18:42:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:38:05 | 000,696,626 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:38:05 | 000,155,102 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:44:53 | 000,423,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,651,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,126,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
========== LOP Check ==========
 
[2011.01.04 19:54:59 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\DVDVideoSoft
[2011.04.06 21:04:28 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.13 20:33:55 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\FreeFLVConverter
[2009.11.11 15:54:09 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\FreeVideoConverter
[2008.09.08 21:30:55 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\FUJIFILM
[2010.08.16 15:20:29 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\GetRightToGo
[2011.04.23 20:24:09 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\ICQ
[2010.07.09 13:38:06 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\InterVideo
[2008.10.02 00:07:15 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\Opera
[2010.12.11 18:15:26 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\PC Suite
[2008.12.21 22:47:23 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\SampleView
[2010.12.11 19:01:50 | 000,000,000 | -H-D | M] -- C:\Users\Agent Zero\AppData\Roaming\Samsung
[2008.12.14 21:36:45 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\1&1
[2009.01.18 21:09:40 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\CasinoOnNet
[2008.07.24 11:13:57 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\FUJIFILM
[2010.11.13 20:34:08 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\GMX OnlineChat
[2008.07.12 23:31:15 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\Hewlett Packard
[2009.05.14 18:50:30 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\ICQ
[2008.08.04 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\InterVideo
[2008.10.07 12:37:20 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\Opera
[2010.06.19 16:45:30 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\PeerNetworking
[2010.06.23 11:17:07 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\Registry Mechanic
[2009.05.13 17:55:03 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\SampleView
[2010.09.07 17:49:26 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\Titanium
[2009.03.21 17:08:38 | 000,000,000 | ---D | M] -- C:\Users\geena\AppData\Roaming\TomTom
[2011.04.24 13:02:10 | 000,032,628 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011.04.24 13:18:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{4558F31D-3F71-4684-AD34-C18780750A27}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Agent Zero\Documents\Junge Debütantinnen - Blutjung und schon verdorben [DVDRIP].avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Agent Zero\Desktop\dm_110316_nba_theassociation_576x432.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Agent Zero\Desktop\dm_110225_theassociation_ep3_576x432.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Agent Zero\Desktop\Coldplay - Viva La Vida - Live (BBC Concert) HD 1280 x 720p -1.avi:TOC.WMV
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
--- --- ---
Alt 24.04.2011, 12:36   #5
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


extras:

OTL Extras logfile created on: 24.04.2011 13:14:47 - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Agent Zero\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.015,00 Mb Total Physical Memory | 284,00 Mb Available Physical Memory | 28,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,43 Gb Total Space | 45,58 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive D: | 7,80 Gb Total Space | 0,74 Gb Free Space | 9,49% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,32 Gb Free Space | 84,86% Space Free | Partition Type: NTFS

Computer Name: GEENA-PC | User Name: Agent Zero | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1996018015-1197503730-368022858-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- H:\VLC\vlc.exe --started-from-file --playlist-enqueue "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- H:\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28105A54-5BBB-4136-B7F1-A4B156EBA15C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5392A487-C420-441B-AE60-CEAD934A4838}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7F39CCA5-FCC2-4021-AF4C-FC963D4418E0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{80B6E36F-2E89-4934-8FB3-25DC084122EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6A800F4-AA08-4E50-983E-E1F2ED236C5A}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{C03BBF31-8CDA-4D70-9CA3-C66FB58357EF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB6AC4D1-5624-4888-A78D-B9639DD541FA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CC5C72A7-65A1-4663-8291-78B1F3FC4C69}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E72A2B66-FB81-4B8A-B353-E1E47FAE718F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1416A087-A4A8-48E4-AD23-9252D8AC7584}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{28D84FA8-3E16-46DB-8A8A-56427C4B8CF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2EB84012-57D5-4476-BCE5-600CC1FD38C3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{30E5D219-62B6-42FA-B63F-729253EDA2FD}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3A09F7EB-4A31-4FAE-9E97-604187F96E27}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{3E0BF600-1DB7-4978-8E3D-11687F8FDD56}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{4AF83E1D-754B-46C2-A0EC-286FD568F771}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{7D0B4D99-2648-457E-91E9-0F243C184FC1}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{7F9FB9EA-8C87-48C0-9D1A-8A5E9F4908F9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B56D1BA9-E0D9-48ED-9476-9587D805CCEE}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{B69BC6D8-E2E8-4A1C-8656-DB11B0D79667}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"{ECA31002-EC06-4A0B-AA0B-0297560F35D3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{F987BCD9-F166-4F93-AC67-356AEAF40993}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{F9C0915B-F858-4BEF-8B38-507E33400ABB}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{FF3A84D6-5DCD-4C3F-A20E-4D8888BBD591}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{1CE7469B-CBD1-4433-A3F8-0F9615AF5FB4}C:\users\geena\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\geena\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{3B57B888-BA02-4CFD-83EF-706FDCD253A5}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{72D1F026-12D5-42D4-BE44-B0740EDF7E08}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{C76B8BD3-4B51-4883-8DAE-1D8ACA7BAF6B}C:\program files\blobby volley 2.0 alpha 6\blobby.exe" = protocol=6 | dir=in | app=c:\program files\blobby volley 2.0 alpha 6\blobby.exe |
"TCP Query User{D4BC90E8-E099-4F01-A696-CF05D49DAD1D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A97B6342-DA5D-4F33-9243-42540221CB5D}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{AF799003-8C88-4CB8-95A8-D5AA01746452}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{B605F71B-DD8B-4A99-8262-A9D901265C68}C:\users\geena\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\geena\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{D99C9510-9331-43B4-9631-045F06CEE126}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{DD2B5FA6-1E6F-45A0-81EF-9A13F98028F6}C:\program files\blobby volley 2.0 alpha 6\blobby.exe" = protocol=17 | dir=in | app=c:\program files\blobby volley 2.0 alpha 6\blobby.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B18A-F99F-423F-B79F-1150D0F85492}" = HP Wireless Assistant
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.3.2
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 G2
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme
"{41977E38-C671-4383-96F2-D2C83A815EB4}" = Vista Default Settings
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{584B0895-8EF3-4175-8E80-1B68BFA04636}" = HP Help and Support
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = Application Installer 4.00.B14
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7CA4EF4B-DB5A-4E2F-81CC-6EE33FC9EF1E}" = HP User Guides 0084
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9DDD0B95-1F3E-453E-9F12-EACB0DD6B6CF}" = Dealio Toolbar v4.3
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A508C1F7-08EA-4CD4-91F4-A4FC91309FA9}" = GTS der Onvista Bank
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Join Air
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}" = HP Easy Setup - Frontend
"{BC35397E-6A05-4E93-8418-1BA7CD2B7AAB}" = BIOS Configuration for HP ProtectTools
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3AA158A-9421-4883-8767-E771B0964A1D}" = ImageMixer VCD for FinePix
"{D98B6344-98EC-4196-9D61-DB0E8420C7C8}" = ESU for Microsoft Vista
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E59A46D4-699C-4DC8-969F-DAC3395B4543}" = HP Active Support Library
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FEE3C238-FDAB-4150-85DB-66BDA293DABA}_is1" = Trendpoker 3D - Texas Hold'em Poker - DEMO
"1&1 Upload-Manager" = 1&1 Upload-Manager
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Ask Toolbar_is1" = Ask Toolbar
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"AVMWLANCLI" = AVM FRITZ!WLAN
"Blobby Volley 2.0 Alpha 6_is1" = Blobby Volley 2.0 Alpha 6
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Casino-On-Net" = Casino-On-Net
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.4.10
"Free FLV Converter_is1" = Free FLV Converter V 6.93.0
"Free Studio_is1" = Free Studio version 4.6
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"HaaliMkx" = Haali Media Splitter
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.3.2
"Kartenspiele_Volume_3" = Kartenspiele_Volume_3
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"MakeItLive" = MakeItLive Plugin
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"PDF Complete" = PDF Complete
"PneumaCalc_is1" = PneumaCalc 1.1
"PROHYBRIDR" = 2007 Microsoft Office system
"PROSet" = Intel(R) PRO Network Connections Drivers
"Registry Mechanic_is1" = Registry Mechanic 9.0
"ST6UNST #1" = BEWERBUNGSMASTER AZUBI
"ST6UNST #2" = BEWERBUNGSMASTER
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Texas Hold 'Em" = Texas Hold 'Em
"TomTom HOME" = TomTom HOME 2.6.1.1549
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"VLC media player" = VLC media player 0.9.6
"vShare" = vShare Plugin
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 5.5

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.04.2011 07:39:27 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16411

Error - 23.04.2011 07:39:27 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16411

Error - 23.04.2011 07:39:43 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 23.04.2011 07:39:43 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 32620

Error - 23.04.2011 07:39:43 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 32620

Error - 23.04.2011 10:31:58 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 23.04.2011 10:31:59 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2500447

Error - 23.04.2011 10:31:59 | Computer Name = geena-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2500447

Error - 24.04.2011 04:20:47 | Computer Name = geena-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06, Prozess-ID 0x1494, Anwendungsstartzeit
01cc025839a41b27.

Error - 24.04.2011 04:28:38 | Computer Name = geena-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iCEyocHtffAu.exe, Version 1.8.0.0, Zeitstempel
0x21475346, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0xe1859e06, Prozess-ID 0x41c, Anwendungsstartzeit
01cc0259443921d9.

[ OSession Events ]
Error - 16.05.2010 05:18:51 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 22
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10.06.2010 12:50:52 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01.08.2010 06:51:07 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 05.08.2010 12:41:24 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 07.09.2010 14:09:41 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 24.09.2010 11:48:14 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 935
seconds with 900 seconds of active time. This session ended with a crash.

Error - 28.10.2010 08:22:03 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74
seconds with 0 seconds of active time. This session ended with a crash.

Error - 01.11.2010 14:47:14 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.11.2010 07:56:55 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 08.12.2010 12:21:44 | Computer Name = geena-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 129
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 31.10.2008 10:23:20 | Computer Name = geena-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 31.10.2008 13:19:23 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 01.11.2008 05:31:20 | Computer Name = geena-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 01.11.2008 07:14:35 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 01.11.2008 20:23:28 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 02.11.2008 10:31:54 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 02.11.2008 12:06:28 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 02.11.2008 13:57:04 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 03.11.2008 14:14:31 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =

Error - 03.11.2008 15:24:41 | Computer Name = geena-PC | Source = DCOM | ID = 10010
Description =


Alt 24.04.2011, 15:11   #6
cable
 
WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Standard

WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


kann keiner helfen?

Antwort

Themen zu WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher
anhang, bilder, button, dateien, desktop, fenster, festplatte, funktioniert, funktioniert nicht, funktioniert nicht mehr, hintergrund, kleines, laptop, lösung, microsoft, musik, neue, neuen, neustart, nicht mehr, nichts, platte, probleme, programm, schließen, windows, wtr loader, zip-datei


« Nach dem "Windows diagnostic" virus- alle programme wird nicht angezeigt+ skype funzt. nicht | Windows Recovery :( »


Ähnliche Themen: WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher


  1. Windows 7: Die Anweisung 0x7218e5a8 verweist auf den Speicher 0x00000000. Der Vorgang read konnte nicht im Speicher durchgeführt werden.
    Plagegeister aller Art und deren Bekämpfung - 19.08.2015 (4)
  2. Warnhinweis „Die Anweisung 0x734fe5a8 verweist auf den Speicher 0x00000000. Der Vorgang read konnte nicht im Speicher durchgeführt werden.“
    Plagegeister aller Art und deren Bekämpfung - 16.08.2015 (29)
  3. 7 GB Speicher auf Laufwerk C auf einen Schlag nicht mehr frei
    Log-Analyse und Auswertung - 09.03.2015 (3)
  4. ein Kritischer Fehler ist aufgetreten/ Windows Explorer funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 03.01.2015 (14)
  5. IE funktioniert nicht mehr (vermutlich nach Java Update..)- komme nicht mehr ins Internet
    Log-Analyse und Auswertung - 16.06.2014 (6)
  6. Auf einmal ging mein driver Genius nicht mehr und nach neuinstalation steht (Online Downloader funktioniert nicht mehr
    Alles rund um Windows - 13.05.2014 (2)
  7. Trojan.Ransom.ANC - Browser funktioniert nicht mehr - Virenprogramme funktionieren nicht mehr
    Log-Analyse und Auswertung - 30.10.2012 (2)
  8. Trojan.Spyeyes, Taskmanager nicht mehr auffindbar, Acrobat Reader funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 17.10.2011 (8)
  9. WTR- Loader funktioniert nicht
    Log-Analyse und Auswertung - 12.05.2011 (48)
  10. Host application& WTR Loader funktioniert nicht mehr (Catalyst Control Centre),Daten "weg"
    Log-Analyse und Auswertung - 10.05.2011 (1)
  11. TR/Kazy.mekl.1 und Meldung "WTR Loader funktioniert nicht mehr"
    Log-Analyse und Auswertung - 07.05.2011 (23)
  12. WTR Loader funktioniert nicht und Host capplication funktioniert nicht (Catalyst Control Center)
    Log-Analyse und Auswertung - 07.05.2011 (23)
  13. "wtr loader funktioniert nicht" "TR/Kazy.mekml.1"
    Log-Analyse und Auswertung - 02.05.2011 (6)
  14. TR/Kazy.mekl.1 und Meldung "WTR Loader funktioniert nicht mehr"
    Log-Analyse und Auswertung - 02.05.2011 (21)
  15. WTR Loader funktioniert nicht
    Log-Analyse und Auswertung - 27.04.2011 (11)
  16. Kritischer Fehler, Dateien nicht mehr sichtbar!
    Plagegeister aller Art und deren Bekämpfung - 26.04.2011 (1)
  17. WTR Loader Funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher - Vor 2 Tagen hatte ich bereits Probleme mit meinem Laptop und jetzt sind die Symptome wieder die gleichen. Desktop schwarz, Dateien (Bilder, Musik etc.) sind wieder unsichtbar. Jetzt wurde mir - WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher...
Archiv
Du betrachtest: WTR Loader funktioniert nicht mehr, kritischer RAM-Speicher auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129