![]() |
|
Plagegeister aller Art und deren Bekämpfung: Drooper.Generic7.clbu auf alter CD gefunden. Ist mein System noch sauber?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() | #1 |
![]() | ![]() Drooper.Generic7.clbu auf alter CD gefunden. Ist mein System noch sauber? Hallo, Mein Vierenscanner hat gerade auf einer alten CD (08.2011) angeschlagen. AVG hat den: Drooper.Generic7.clbu gefungen. Wie kann ich prüfen, ob ich mir letztes Jahr, den Mist eingefangen habe ? Ist mein System noch sauber? Danke Mein ScanOTL Logfile: Code:
ATTFilter OTL logfile created on: 31.05.2013 10:21:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 45,66% Memory free 3,98 Gb Paging File | 2,78 Gb Available in Paging File | 69,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 80,00 Gb Total Space | 59,14 Gb Free Space | 73,92% Space Free | Partition Type: NTFS Drive D: | 370,00 Gb Total Space | 241,32 Gb Free Space | 65,22% Space Free | Partition Type: NTFS Drive E: | 1,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive P: | 100,00 Gb Total Space | 98,60 Gb Free Space | 98,60% Space Free | Partition Type: NTFS Drive Z: | 100,00 Gb Total Space | 93,87 Gb Free Space | 93,87% Space Free | Partition Type: NTFS Computer Name: TRON | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.31 10:19:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe PRC - [2012.10.22 14:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe PRC - [2012.05.10 17:18:22 | 000,395,928 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2012.05.10 17:16:38 | 002,673,640 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe ========== Modules (No Company Name) ========== MOD - [2012.05.10 17:16:38 | 002,673,640 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe MOD - [2012.05.10 17:16:18 | 000,071,008 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.05.31 09:23:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012.05.10 17:19:46 | 001,192,176 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.01.01 17:24:05 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2013.01.01 17:23:50 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53) DRV:64bit: - [2013.01.01 17:23:43 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2013.01.01 16:39:43 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr) DRV:64bit: - [2012.11.15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2012.10.22 14:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.10.15 04:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.10.02 04:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.09.21 04:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2012.09.21 04:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2012.09.14 04:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2009.09.23 20:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) [2012.12.30 10:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -update plugin File not found O4 - Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.exe - Verknüpfung.lnk = P:\Rainmeter\Rainmeter.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LocalAccountTokenFilterPolicy = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.227.250 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38466EC1-4A0E-4C96-9F9A-ABA8913E5EC3}: DhcpNameServer = 192.168.227.250 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.03.12 05:13:36 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{be8810f7-c9c6-11e2-b000-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{be8810f7-c9c6-11e2-b000-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010.03.12 04:16:21 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{be8810f7-c9c6-11e2-b000-806e6f6e6963}\Shell\configure\command - "" = E:\setup.exe -- [2010.03.12 04:16:21 | 001,100,664 | R--- | M] (Microsoft Corporation) O33 - MountPoints2\{be8810f7-c9c6-11e2-b000-806e6f6e6963}\Shell\install\command - "" = E:\setup.exe -- [2010.03.12 04:16:21 | 001,100,664 | R--- | M] (Microsoft Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.31 10:18:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2013.05.31 09:58:45 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS [2013.05.31 09:54:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.05.31 09:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.05.31 09:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.05.31 09:22:02 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.05.31 09:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.31 09:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.05.31 09:17:29 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Microsoft Help [2013.05.31 09:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.05.31 09:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.31 09:17:02 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.05.31 09:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.05.31 09:02:04 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Thunderbird [2013.05.31 09:02:04 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Thunderbird ========== Files - Modified Within 30 Days ========== [2013.05.31 10:22:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.31 10:20:18 | 000,000,000 | ---- | M] () -- C:\Users\admin\defogger_reenable [2013.05.31 10:19:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe [2013.05.31 10:18:34 | 000,050,477 | ---- | M] () -- C:\Users\admin\Desktop\Defogger.exe [2013.05.31 09:58:45 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2013.05.31 09:16:44 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.31 09:16:44 | 000,652,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.31 09:16:44 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.31 09:16:44 | 000,129,674 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.31 09:16:44 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.31 09:09:44 | 000,014,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.31 09:09:44 | 000,014,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.31 09:09:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.31 09:09:19 | 1602,723,840 | -HS- | M] () -- C:\hiberfil.sys ========== Files Created - No Company Name ========== [2013.05.31 10:20:18 | 000,000,000 | ---- | C] () -- C:\Users\admin\defogger_reenable [2013.05.31 10:18:32 | 000,050,477 | ---- | C] () -- C:\Users\admin\Desktop\Defogger.exe [2013.05.31 09:58:45 | 000,000,264 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2012.12.29 20:40:18 | 000,000,017 | ---- | C] () -- C:\Users\admin\AppData\Local\resmon.resmoncfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.01 17:30:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Acronis [2012.12.29 19:38:25 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\AVG2013 [2013.01.01 18:37:40 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Foxit Software [2013.05.31 09:57:52 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Thunderbird [2012.12.29 19:37:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 31.05.2013 10:21:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 45,66% Memory free 3,98 Gb Paging File | 2,78 Gb Available in Paging File | 69,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 80,00 Gb Total Space | 59,14 Gb Free Space | 73,92% Space Free | Partition Type: NTFS Drive D: | 370,00 Gb Total Space | 241,32 Gb Free Space | 65,22% Space Free | Partition Type: NTFS Drive E: | 1,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive P: | 100,00 Gb Total Space | 98,60 Gb Free Space | 98,60% Space Free | Partition Type: NTFS Drive Z: | 100,00 Gb Total Space | 93,87 Gb Free Space | 93,87% Space Free | Partition Type: NTFS Computer Name: TRON | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- P:\FirefoxPortable\App\Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{088A6E5D-0DD7-4D29-8256-4AB97B963EAC}" = lport=139 | protocol=6 | dir=in | app=system | "{131964CD-177C-44E4-AAC0-A3DD498E543D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2004E765-E3AD-4C43-A7FB-D22F4B01B18B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{4214D72D-5A80-4F0B-8DB8-898096A8A4A5}" = lport=445 | protocol=6 | dir=in | app=system | "{67D289BC-7657-4BA7-BD47-9F313013DE20}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6AFF638C-3174-4EDB-B9F3-5F70D5BD1A48}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{89F90608-BE0A-4C4B-A19C-199ECE1987D6}" = rport=445 | protocol=6 | dir=out | app=system | "{8D8D8C2D-B8F2-4541-8FAA-C48AECC7B6A8}" = rport=137 | protocol=17 | dir=out | app=system | "{9CD20B4F-7D9D-48D0-AE4B-864826953273}" = rport=138 | protocol=17 | dir=out | app=system | "{CC84CFD7-8CC6-4CD2-8B0F-73E50181C20C}" = rport=139 | protocol=6 | dir=out | app=system | "{E88FF329-EB20-460B-BD67-C49D6AAC7517}" = lport=138 | protocol=17 | dir=in | app=system | "{EC2EEBEC-7C3D-4631-B9F8-1316B594722E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FC3DF74F-5488-48B7-8C14-27A8F62891CF}" = lport=137 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{065B9BB9-6D2D-43E3-9FC5-2E6CB8933E29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{0B737A29-7EAE-47F5-AC3C-E6CF59E45D79}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{19D9B911-307A-433B-B7E3-D4200A22C8F4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{1DBE522A-7899-44D7-BE19-2368E42F4B08}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{269B3D54-D53C-44A1-82A2-D31144A7333C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5FDDD1C1-F707-4256-8473-B44DCE3D1913}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{77D8DC32-B94A-4DFA-BF28-A2F4531DCF3D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{83B8969A-6B4F-44D6-BC31-AA66ADEEA380}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{8EB48E11-30F2-4BF2-9BA2-BCD96D5417A0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AF2B5266-A70C-4C9A-8FB9-8691D30AE694}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B5042085-7623-47CC-BD4E-968202B06B7E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{DBADA10F-AE41-4C23-AD9D-4CED04A60C30}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{F847D2A7-72D5-4F29-8147-D622A5B4E878}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{FFAE02AE-312B-480B-A340-7CF386C04B51}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "TCP Query User{8D4504E6-2088-481D-BC40-22AA613D164A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "UDP Query User{F4357882-129C-4004-861F-F16DF7BB36EF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{14FCF290-82AB-421A-9034-636EF90EB9E5}" = AVG 2013 "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "AVG" = AVG 2013 "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{9B683A28-2172-4CF1-B85D-41375E80652A}" = Acronis True Image WD*Edition "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Office14.STANDARD" = Microsoft Office Standard 2010 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 01.01.2013 11:18:49 | Computer Name = TRON | Source = ESENT | ID = 215 Description = WinMail (3044) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde. Error - 01.01.2013 11:18:55 | Computer Name = TRON | Source = ESENT | ID = 215 Description = WinMail (2168) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde. Error - 02.01.2013 14:34:33 | Computer Name = TRON | Source = VSS | ID = 8194 Description = Error - 31.05.2013 03:07:34 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:39 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:39 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:40 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:40 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:42 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 31.05.2013 03:07:51 | Computer Name = TRON | Source = .NET Runtime Optimization Service | ID = 1101 Description = [ System Events ] Error - 02.01.2013 06:47:33 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 02.01.2013 06:47:39 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 02.01.2013 06:47:50 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 02.01.2013 06:49:22 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 02.01.2013 06:49:24 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 31.05.2013 03:50:50 | Computer Name = TRON | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?02.?01.?2013 um 19:55:49 unerwartet heruntergefahren. Error - 31.05.2013 03:50:54 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 31.05.2013 03:50:59 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 31.05.2013 03:09:35 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 31.05.2013 03:09:38 | Computer Name = TRON | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 < End of report > Geändert von Kruemel-Mons (31.05.2013 um 09:38 Uhr) Grund: Nachtrag |
Themen zu Drooper.Generic7.clbu auf alter CD gefunden. Ist mein System noch sauber? |
alten, alter, avg, eingefangen, gefangen, gefunde, install.exe, prüfen, sauber, scan, scanner, system, vierenscanner, visual studio |