|
Log-Analyse und Auswertung: TR/Crypt.ZPACK.Gen wieder mal.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.04.2010, 19:11 | #1 |
| TR/Crypt.ZPACK.Gen wieder mal. Hallo Erbitte Hilfe wegen dem Trojaner TR/Crypt.ZPACK.Gen der mich seit längerem nervt. Ich habe es bislang leider noch nicht geschafft den zu entfernen. Trotz Malwarebytes (neuste Version) und Spywareblaster. Nur der Guard von Avira (neuste Version) findet den. Dabei weiss ich gar nicht dass ich irgendwas heruntergeladen habe etc... Hier der HijackThis Auszug: ---------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:57:50, on 24.04.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE D:\Programme\Nero9\Nero 9\InCD\InCDSrv.exe C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Klebezettel NG\klebez.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\msiexec.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [Klebezettel NG] "C:\Programme\Klebezettel NG\klebez.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O15 - Trusted Zone: hxxp://fpdownload.macromedia.com O15 - Trusted Zone: hxxp://www.macromedia.com O15 - Trusted Zone: hxxp://sdc.shockwave.com O15 - Trusted Zone: hxxp://*.shoutcast.com O15 - Trusted Zone: hxxp://*.winamp.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDSrv) - Nero AG - D:\Programme\Nero9\Nero 9\InCD\InCDSrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: NBService - Unknown owner - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\Programme\Nero9\Nero 9\InCD\NBHRegInCDSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 5101 bytes ------------- Vielen Dank schon mal im voraus, Trigger_de |
25.04.2010, 14:58 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen wieder mal. Hallo und
__________________Zitat:
Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
25.04.2010, 17:27 | #3 |
| TR/Crypt.ZPACK.Gen wieder mal. OTL logfile created on: 25.04.2010 18:19:09 - Run 1
__________________OTL by OldTimer - Version 3.2.3.0 Folder = C:\Down Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2048 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 25,55 Gb Total Space | 12,07 Gb Free Space | 47,26% Space Free | Partition Type: NTFS Drive D: | 406,70 Gb Total Space | 146,58 Gb Free Space | 36,04% Space Free | Partition Type: NTFS Drive E: | 33,51 Gb Total Space | 24,81 Gb Free Space | 74,02% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: AMD Current User Name: Manni Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Down\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - D:\Programme\Nero9\Nero 9\InCD\InCDSrv.exe (Nero AG) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC) PRC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Zone Labs, LLC) PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Modules (SafeList) ========== MOD - C:\Down\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (NBService) -- File not found SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software) SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software) SRV - (InCDSrv) -- D:\Programme\Nero9\Nero 9\InCD\InCDSrv.exe (Nero AG) SRV - (NeroRegInCDSrv) -- D:\Programme\Nero9\Nero 9\InCD\NBHRegInCDSrv.exe (Nero AG) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Zone Labs, LLC) SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG) SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) ========== Driver Services (SafeList) ========== DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (RRNetCapMP) -- C:\WINDOWS\system32\drivers\rrnetcap.sys (RapidSolution Software AG) DRV - (RRNetCap) -- C:\WINDOWS\system32\drivers\rrnetcap.sys (RapidSolution Software AG) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.) DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (InCDRm) -- C:\WINDOWS\system32\drivers\InCDRm.sys (Nero AG) DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDPass.sys (Nero AG) DRV - (InCDFs) -- C:\WINDOWS\system32\drivers\InCDFs.sys (Nero AG) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs, LLC) DRV - (srescan) -- C:\WINDOWS\system32\ZoneLabs\srescan.sys (Zone Labs, LLC) DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab) DRV - (cm102u32) -- C:\WINDOWS\system32\drivers\c6501.sys (C-Media Inc) DRV - (c65013264) -- C:\WINDOWS\system32\drivers\c6501.sys (C-Media Inc) DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys () DRV - (PQNTDrv) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation) DRV - (kbfilter) -- C:\WINDOWS\system32\drivers\kbfilter.sys (WayTech Development, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "GoogleFeed.net" FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1 FF - prefs.js..extensions.enabledItems: 6 FF - prefs.js..extensions.enabledItems: 2 FF - prefs.js..extensions.enabledItems: 41 FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3 FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..network.proxy.backup.ftp: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.gopher: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.backup.gopher_port: 0 FF - prefs.js..network.proxy.backup.socks: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.gopher: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.http: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "hxxp://newyearspirit.co.cc/" FF - prefs.js..network.proxy.ssl: "hxxp://newyearspirit.co.cc/" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.02.28 14:40:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.02 11:53:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.20 17:59:21 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2010.03.31 07:37:17 | 000,000,000 | ---D | M] [2010.02.09 00:26:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Extensions [2010.02.09 00:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.04.25 09:24:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions [2010.01.18 14:05:15 | 000,000,000 | ---D | M] (ChatZilla [de]) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2010.01.23 19:35:59 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB} [2010.04.13 15:20:46 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2009.08.23 07:40:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f} [2010.01.08 14:31:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009.08.28 21:19:06 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.04.09 13:21:27 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2009.05.19 18:25:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\extensions\moveplayer@movenetworks.com [2009.11.14 20:29:26 | 000,000,003 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\Mozilla\Firefox\Profiles\prymplv5.default\searchplugins\GoogleFeed.xml [2010.04.25 09:24:58 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.20 17:59:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.20 17:59:11 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll [2010.03.12 09:09:03 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.12 09:09:03 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.12 09:09:03 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.12 09:09:03 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.12 09:09:03 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.04.25 11:26:01 | 000,392,788 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 Proben bei 1000Gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 13564 more lines... O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [C6501Sound] File not found O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC) O4 - HKCU..\Run: [Klebezettel NG] C:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 11 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: macromedia.com ([fpdownload] http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: macromedia.com ([www] http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: shockwave.com ([sdc] http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: shoutcast.com ([]http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: winamp.com ([]http in Vertrauenswürdige Sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\ufxw.exe) - C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\ufxw.exe File not found O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Manni\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Manni\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.06.26 12:27:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2008.06.26 12:27:07 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.01.20 08:20:32 | 000,000,000 | ---D | M] - E:\Automusik -- [ NTFS ] O33 - MountPoints2\{13c9f183-8c54-11dd-9d0a-001bfcafac21}\Shell\AutoRun\command - "" = M:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found O33 - MountPoints2\{83648aea-793e-11de-9b4b-001bfcafac21}\Shell\AutoRun\command - "" = H:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.04.25 12:10:47 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Manni\Recent [2010.04.25 12:10:39 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys [2010.04.25 12:10:34 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010.04.25 12:07:23 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} [2010.04.25 12:07:17 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft [2010.04.25 11:07:05 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.04.25 11:07:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy [2010.04.24 19:28:51 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro [2010.04.23 16:35:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Manni\Anwendungsdaten\vlc [2010.04.23 16:24:18 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Manni\UserData [2010.04.23 14:57:51 | 000,000,000 | ---D | C] -- C:\Programme\SpywareBlaster [2010.04.23 08:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia [2010.04.23 08:07:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe [2010.04.20 17:59:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2010.04.20 17:59:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2010.04.20 17:59:21 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.04.20 17:59:21 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.04.20 17:59:20 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.04.20 17:59:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.04.20 17:59:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.04.11 14:09:00 | 000,000,000 | ---D | C] -- C:\Programme\PixiePack Codec Pack [2010.04.11 14:08:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution [2010.04.11 14:06:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Manni\Lokale Einstellungen\Anwendungsdaten\RapidSolution [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.04.25 18:18:36 | 015,204,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\NTUSER.DAT [2010.04.25 18:16:53 | 077,690,912 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2010.04.25 18:00:02 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2010.04.25 12:15:40 | 000,000,872 | ---- | M] () -- C:\WINDOWS\System\C6501.ini [2010.04.25 12:13:48 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.04.25 12:12:19 | 000,358,830 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml [2010.04.25 12:11:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.04.25 12:11:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.04.25 12:10:56 | 000,917,036 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2010.04.25 12:10:48 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Manni\ntuser.ini [2010.04.25 12:10:33 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2010.04.25 12:10:30 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe [2010.04.25 12:07:22 | 000,000,847 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk [2010.04.25 11:26:01 | 000,392,788 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.04.25 10:14:03 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010.04.24 14:10:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.04.24 11:38:25 | 003,172,470 | -H-- | M] () -- C:\Dokumente und Einstellungen\Manni\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.04.24 01:01:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.04.23 16:34:55 | 000,000,595 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2010.04.23 16:33:41 | 018,499,623 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\vlc-1.0.5-win32.exe [2010.04.23 14:57:54 | 000,000,670 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Desktop\SpywareBlaster.lnk [2010.04.23 08:00:06 | 000,086,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.20 17:59:10 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.04.20 17:59:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.04.20 17:59:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.04.20 17:59:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.04.20 17:59:10 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.04.16 08:18:52 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 8.lnk [2010.04.12 18:17:27 | 000,010,460 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\devk.odt [2010.04.12 09:12:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.04.11 14:21:20 | 000,000,118 | ---- | M] () -- C:\WINDOWS\Podcasts.INI [2010.04.10 14:38:59 | 000,000,571 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Vuze.lnk [2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.03.29 08:39:45 | 001,043,836 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.03.29 08:39:45 | 000,448,918 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.03.29 08:39:45 | 000,432,856 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.03.29 08:39:45 | 000,080,464 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.03.29 08:39:45 | 000,067,560 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.03.27 11:00:52 | 000,002,354 | ---- | M] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\Ferien_Nordrhein_Westfalen_2010.ics [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.04.25 13:27:58 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010.04.25 12:13:46 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.04.25 12:07:22 | 000,000,847 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk [2010.04.24 01:01:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.04.23 16:34:55 | 000,000,595 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk [2010.04.23 16:32:25 | 018,499,623 | ---- | C] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\vlc-1.0.5-win32.exe [2010.04.23 14:57:54 | 000,000,670 | ---- | C] () -- C:\Dokumente und Einstellungen\Manni\Desktop\SpywareBlaster.lnk [2010.04.12 18:17:26 | 000,010,460 | ---- | C] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\devk.odt [2010.04.11 14:21:20 | 000,000,118 | ---- | C] () -- C:\WINDOWS\Podcasts.INI [2010.03.27 11:01:15 | 000,002,354 | ---- | C] () -- C:\Dokumente und Einstellungen\Manni\Eigene Dateien\Ferien_Nordrhein_Westfalen_2010.ics [2010.02.20 12:35:55 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009.09.29 19:23:20 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI [2009.07.26 09:10:37 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Ulead32.INI [2009.07.26 09:09:48 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini [2009.07.26 09:08:49 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini [2009.07.26 09:08:47 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys [2009.07.26 09:08:47 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys [2009.06.27 09:45:58 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini [2009.04.04 11:07:00 | 000,000,262 | ---- | C] () -- C:\WINDOWS\Clony2.ini [2009.03.31 19:15:12 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009.03.31 19:15:12 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009.03.31 19:15:12 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2009.03.31 18:48:49 | 000,000,360 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2009.03.02 11:33:32 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008.11.15 22:12:57 | 000,000,021 | ---- | C] () -- C:\WINDOWS\wincig.ini [2008.10.19 18:16:24 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll [2008.09.27 11:50:39 | 000,000,107 | ---- | C] () -- C:\WINDOWS\VobEdit.INI [2008.08.06 15:21:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.07.19 21:30:17 | 000,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc0407.dll [2008.07.19 21:30:17 | 000,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc0407.dll [2008.07.19 21:30:05 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll [2008.07.01 22:57:58 | 000,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll [2008.07.01 22:57:58 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2008.06.28 11:09:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\C6501rm.dll [2008.06.28 11:09:57 | 000,000,133 | ---- | C] () -- C:\WINDOWS\C6501.ini.cfl [2008.06.28 11:08:48 | 000,004,571 | ---- | C] () -- C:\WINDOWS\C6501.ini.cfg [2008.06.27 20:00:35 | 000,000,326 | ---- | C] () -- C:\WINDOWS\c6501.ini [2008.06.27 15:56:30 | 000,006,172 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008.06.26 12:52:48 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008.06.26 12:52:44 | 000,013,069 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008.06.26 12:52:28 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS ========== Alternate Data Streams ========== @Alternate Data Stream - 118 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34 @Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8 < End of report > ------------------ OTL Extras logfile created on: 25.04.2010 18:19:09 - Run 1 OTL by OldTimer - Version 3.2.3.0 Folder = C:\Down Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 2048 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 25,55 Gb Total Space | 12,07 Gb Free Space | 47,26% Space Free | Partition Type: NTFS Drive D: | 406,70 Gb Total Space | 146,58 Gb Free Space | 36,04% Space Free | Partition Type: NTFS Drive E: | 33,51 Gb Total Space | 24,81 Gb Free Space | 74,02% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: AMD Current User Name: Manni Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OpenNew] -- cmd.exe /k cd %1 (Microsoft Corporation) Directory [PlayWithVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\Klebezettel NG\klebez.exe" = C:\Programme\Klebezettel NG\klebez.exe:*:Enabled:Elektronische Haftnotizen für Windows -- (Hollie-Soft) "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{03030CB1-AEA1-90F8-6442-AC063AA1AE20}" = ccc-core-static "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{12285AC5-1F0A-4E74-A870-9E4889A23BCF}" = InCD "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{1A5F9CD3-7BD3-F68F-1267-7C1157AFE531}" = Catalyst Control Center Graphics Full New "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{29082A9B-0144-5189-78B3-1E8D47DD644D}" = ccc-core-preinstall "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3350F250-FF14-4CD4-97CF-F54239B31EC6}" = UltraEdit 14.20 "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{3F58E241-0649-4ECA-805D-5A7B7943801D}" = Radiotracker "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{4F81901F-3655-4340-8227-F687F69A3C79}}_is1" = Klebezettel NG (Version 2.9.5) "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP "{71CFE572-6C01-96C4-F90E-36C147C98123}" = Catalyst Control Center InstallProxy "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0 "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{870FB7F0-59C3-099B-4ABF-A9F977393EE9}" = ccc-utility "{885DDF98-4E4C-4D80-59C9-B785F2D314E4}" = Catalyst Control Center Graphics Previews Common "{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7 "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A6EB4CB7-DA32-2FAA-7078-7C0C2882D9DF}" = CCC Help English "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A816AE22-1878-CACA-7541-47C56F9A96F7}" = ATI Catalyst Install Manager "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{a8c51a8f-00d7-4fef-85aa-0b674101fe8a}" = Nero 9 "{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.2 - Deutsch "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B918272C-7E6E-194F-53E9-D3B566480686}" = Catalyst Control Center Graphics Light "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{C8A92B59-E083-7715-F78F-FDD77B121C3C}" = Catalyst Control Center HydraVision Full "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E6445FCC-EAF6-4E35-9E72-6EF105A4C177}" = HDView for Firefox "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{F1BCD1EA-73CE-B1BF-70DC-A1A6EF3132EE}" = Catalyst Control Center Graphics Full Existing "{F2E92959-8856-6656-BE20-4E2F6685F170}" = Catalyst Control Center Core Implementation "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "7-Zip" = 7-Zip 4.57 "8461-7759-5462-8226" = Vuze "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Age of Mythology 1.0" = Age of Mythology "Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion "AllDup_is1" = AllDup 2.1.10 "Any Video Converter_is1" = Any Video Converter 3.0.3 "AnyDVD" = AnyDVD "Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2 "ATI Display Driver" = ATI Display Driver "Audiograbber" = Audiograbber 1.83 SE "Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Biet-O-Matic v2.8.2" = Biet-O-Matic v2.8.2 "CCleaner" = CCleaner "ClipMagic_3.1" = ClipMagic 3.2.5 "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "Cossacks : The Art Of War" = Cossacks - The Art Of War "easyshare" = MicroLink EasyShare "EPSON Printer and Utilities" = EPSON-Drucker-Software "EW : Cossacks" = Cossacks - European Wars "Generic 6501 Sound" = C-Media 6501 Sound "GNU Aspell_is1" = GNU Aspell 0.50-3 "GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen) "HijackThis" = HijackThis 2.0.2 "ImgBurn" = ImgBurn "Incadia" = Incadia "InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0 "IrfanView" = IrfanView (remove only) "KeePass Password Safe_is1" = KeePass Password Safe 1.17 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4) "NVIDIA Drivers" = NVIDIA Drivers "Pass4sure for IBM LOT-847" = Pass4sure for IBM LOT-847 4.34 "Pass4sure for IBM LOT-848" = Pass4sure for IBM LOT-848 4.34 "Pass4sure for IBM LOT-849" = Pass4sure for IBM LOT-849 4.40 "Pharao" = Pharao "Pharaoh" = Pharao "Pidgin" = Pidgin "RealPlayer 12.0" = RealPlayer "SpeedSim" = SpeedSim "SpywareBlaster_is1" = SpywareBlaster 4.3 "Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0 "Totalcmd" = Total Commander (Remove or Repair) " |
25.04.2010, 17:47 | #4 |
| TR/Crypt.ZPACK.Gen wieder mal. Aus iregend einem Grunde kann ich die Extras nicht posten. Ich erhalte: Fehler: Verbindung unterbrochen |
25.04.2010, 17:50 | #5 |
| TR/Crypt.ZPACK.Gen wieder mal. Andere postings gehen ohne Probleme. Ein Teil der Datei habe ich oben zu dem ersten Post der ersten Log - Datei hinzufügen können. |
25.04.2010, 21:47 | #6 |
| TR/Crypt.ZPACK.Gen wieder mal. OTL Extras logfile created on: 25.04.2010 22:44:06 - Run 3 OTL by OldTimer - Version 3.2.3.0 Folder = C:\Down Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free Paging file location(s): C:\pagefile.sys 2048 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 25,55 Gb Total Space | 12,08 Gb Free Space | 47,27% Space Free | Partition Type: NTFS Drive D: | 406,70 Gb Total Space | 146,58 Gb Free Space | 36,04% Space Free | Partition Type: NTFS Drive E: | 33,51 Gb Total Space | 24,81 Gb Free Space | 74,02% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: AMD Current User Name: Manni Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OpenNew] -- cmd.exe /k cd %1 (Microsoft Corporation) Directory [PlayWithVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\Klebezettel NG\klebez.exe" = C:\Programme\Klebezettel NG\klebez.exe:*:Enabled:Elektronische Haftnotizen für Windows -- (Hollie-Soft) "C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Programme\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{03030CB1-AEA1-90F8-6442-AC063AA1AE20}" = ccc-core-static "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{12285AC5-1F0A-4E74-A870-9E4889A23BCF}" = InCD "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{1A5F9CD3-7BD3-F68F-1267-7C1157AFE531}" = Catalyst Control Center Graphics Full New "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{29082A9B-0144-5189-78B3-1E8D47DD644D}" = ccc-core-preinstall "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3350F250-FF14-4CD4-97CF-F54239B31EC6}" = UltraEdit 14.20 "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{3F58E241-0649-4ECA-805D-5A7B7943801D}" = Radiotracker "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{4F81901F-3655-4340-8227-F687F69A3C79}}_is1" = Klebezettel NG (Version 2.9.5) "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP "{71CFE572-6C01-96C4-F90E-36C147C98123}" = Catalyst Control Center InstallProxy "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0 "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{870FB7F0-59C3-099B-4ABF-A9F977393EE9}" = ccc-utility "{885DDF98-4E4C-4D80-59C9-B785F2D314E4}" = Catalyst Control Center Graphics Previews Common "{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7 "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT "{A6EB4CB7-DA32-2FAA-7078-7C0C2882D9DF}" = CCC Help English "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A816AE22-1878-CACA-7541-47C56F9A96F7}" = ATI Catalyst Install Manager "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{a8c51a8f-00d7-4fef-85aa-0b674101fe8a}" = Nero 9 "{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.2 - Deutsch "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B918272C-7E6E-194F-53E9-D3B566480686}" = Catalyst Control Center Graphics Light "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{C8A92B59-E083-7715-F78F-FDD77B121C3C}" = Catalyst Control Center HydraVision Full "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E6445FCC-EAF6-4E35-9E72-6EF105A4C177}" = HDView for Firefox "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{F1BCD1EA-73CE-B1BF-70DC-A1A6EF3132EE}" = Catalyst Control Center Graphics Full Existing "{F2E92959-8856-6656-BE20-4E2F6685F170}" = Catalyst Control Center Core Implementation "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "7-Zip" = 7-Zip 4.57 "8461-7759-5462-8226" = Vuze "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Age of Mythology 1.0" = Age of Mythology "Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion "AllDup_is1" = AllDup 2.1.10 "Any Video Converter_is1" = Any Video Converter 3.0.3 "AnyDVD" = AnyDVD "Aspell German Dictionary_is1" = Aspell German Dictionary-0.50-2 "ATI Display Driver" = ATI Display Driver "Audiograbber" = Audiograbber 1.83 SE "Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Biet-O-Matic v2.8.2" = Biet-O-Matic v2.8.2 "CCleaner" = CCleaner "ClipMagic_3.1" = ClipMagic 3.2.5 "CloneCD" = CloneCD "CloneDVD2" = CloneDVD2 "Cossacks : The Art Of War" = Cossacks - The Art Of War "easyshare" = MicroLink EasyShare "EPSON Printer and Utilities" = EPSON-Drucker-Software "EW : Cossacks" = Cossacks - European Wars "Generic 6501 Sound" = C-Media 6501 Sound "GNU Aspell_is1" = GNU Aspell 0.50-3 "GTK 2.0" = GTK+ Runtime 2.14.7 rev a (nur entfernen) "HijackThis" = HijackThis 2.0.2 "ImgBurn" = ImgBurn "Incadia" = Incadia "InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0 "IrfanView" = IrfanView (remove only) "KeePass Password Safe_is1" = KeePass Password Safe 1.17 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3) "Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4) "NVIDIA Drivers" = NVIDIA Drivers "Pass4sure for IBM LOT-847" = Pass4sure for IBM LOT-847 4.34 "Pass4sure for IBM LOT-848" = Pass4sure for IBM LOT-848 4.34 "Pass4sure for IBM LOT-849" = Pass4sure for IBM LOT-849 4.40 "Pharao" = Pharao "Pharaoh" = Pharao "Pidgin" = Pidgin "RealPlayer 12.0" = RealPlayer "SpeedSim" = SpeedSim "SpywareBlaster_is1" = SpywareBlaster 4.3 "Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0 "Totalcmd" = Total Commander (Remove or Repair) "tvbrowser" = TV-Browser 2.7.5 "Tweak UI 2.10" = Tweak UI "uniquemagicmp3taggerappid_is1" = Magic MP3 Tagger 2.2.5 "VLC media player" = VLC media player 1.0.5 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "X - Beyond the Frontier" = X - Beyond the Frontier "XMedia Recode" = XMedia Recode 2.1.8.4 "xp-AntiSpy" = xp-AntiSpy 3.97-2 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "Youporn Video Downloader_is1" = Youporn Video Downloader 3.16 "ZoneAlarm" = ZoneAlarm ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ System Events ] Error - 25.04.2010 16:41:35 | Computer Name = AMD | Source = Ftdisk | ID = 262189 Description = Das System konnte den Treiber für das Speicherabbild nicht laden. Error - 25.04.2010 16:41:35 | Computer Name = AMD | Source = Ftdisk | ID = 262193 Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können. Error - 25.04.2010 16:41:42 | Computer Name = AMD | Source = Service Control Manager | ID = 7000 Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > |
25.04.2010, 21:49 | #7 |
| TR/Crypt.ZPACK.Gen wieder mal. So diesmal hat es geklappt. Danke schon mal im voraus. |
25.04.2010, 21:58 | #8 |
| TR/Crypt.ZPACK.Gen wieder mal. Vielleicht jetzt doch noch eine Info. Ich habe vorhin Spybot - Search & destry uind Ad-Aware mal laufen lassen. Gefundene Probleme habe ich auch von den beiden Programmen direkt beheben lassen. Die Fehlermeldungen sind bislang nicht mehr aufgetreten. |
26.04.2010, 11:18 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.ZPACK.Gen wieder mal.Zitat:
Das Log von Malwarebytes hast Du auch noch nicht gepostet.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu TR/Crypt.ZPACK.Gen wieder mal. |
adobe, antivir, antivir guard, avira, bho, desktop, dll, download, einstellungen, explorer, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, monitor, pdf, plug-in, programme, registry, rundll, software, system, trojaner, windows, windows xp |