|
Pests of all kinds and how to fight them: tr/crypt.xpack.gen3 I have no clue about anything : (((
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
12.10.2010, 08:50 | #1 |
| Hi, since last night I have had the above-mentioned trojan on my computer and can't get rid of it. In addition, Avira finds other trojans, something with tricrypt.xpack.gen, flu1dcc.??? and TR/Dropper.gen. I now have the anti-malware tool running and will follow the instructions; I'm hopeful that you can help me?!?! Regards, flo |
12.10.2010, 08:51 | #2 |
| Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4798
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

12.10.2010 09:48:23
mbam-log-2010-10-12 (09-48-23).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 137747
Laufzeit: 25 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 5
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 14

Infizierte Speicherprozesse:
C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe (Trojan.FakeAlert) -> No action taken.

Infizierte Speichermodule:
C:\Users\Florian\AppData\Local\dizicd.dll (Trojan.Hiloti) -> No action taken.
C:\Users\Florian\AppData\Local\Temp\eapp32hst.dll (Trojan.FakeAV) -> No action taken.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pbucidequb (Trojan.Hiloti) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dfrgsnapnt.exe (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fheydbueyj.exe (Spyware.Passwords.XGen) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Florian\AppData\Local\dizicd.dll (Trojan.Hiloti) -> No action taken.
C:\Users\Florian\AppData\Local\Temp\eapp32hst.dll (Trojan.FakeAV) -> No action taken.
C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe (Trojan.FakeAlert) -> No action taken.
C:\fheydbueyj.exe\fheydbueyj.exe (Spyware.Passwords.XGen) -> No action taken.
C:\Users\Florian\AppData\Local\Temp\asd68A9.tmp.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Florian\AppData\Local\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Florian\downloads\setup(2).exe (Adware.Hotbar) -> No action taken.
C:\Users\Florian\downloads\actualspy.exe (Application.ActualSpy) -> No action taken.
C:\Users\Florian\Desktop\nudetube.com.lnk (Rogue.Link) -> No action taken.
C:\Users\Florian\Desktop\pornotube.com.lnk (Rogue.Link) -> No action taken.
C:\Users\Florian\Desktop\spam001.exe (Malware.Trace) -> No action taken.
C:\Users\Florian\Desktop\spam003.exe (Malware.Trace) -> No action taken.
C:\Users\Florian\Desktop\troj000.exe (Malware.Trave) -> No action taken.
C:\Users\Florian\Desktop\youporn.com.lnk (Rogue.Link) -> No action taken. |
12.10.2010, 09:13 | #3 |
| Hi,
have all findings deleted! Is this a 64-bit system?
OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
chris |
12.10.2010, 09:46 | #4 |
| Thanks already. I'm on it, but I have to go to work now. It's also my birthday today, i.e. I can't deal with it until tomorrow morning. I'll get back to you then... Regards, flo |
12.10.2010, 11:19 | #5 |
| By the way, I have no idea whether this is a 64-bit system; how do I find that out? I have an approx. 4-year-old HP laptop with Windows Vista. |
12.10.2010, 14:09 | #6 |
| Hi, post the OTL log, then I can see it... I wanted to follow up with CF right away, but it doesn't run on 64-bit systems... chris |
12.10.2010, 14:31 | #7 |
| OTL logfile: |
12.10.2010, 14:34 | #8 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( I can't find extras-txt anywhere : ( and the computer is driving me insane, every 5 seconds I have to click delete twice on the trojan warning message #*ß%&!!!!!! |
12.10.2010, 14:39 | #9 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( Hi, got him: Fix for OTL:
Code:
:OTL
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [dfrgsnapnt.exe] C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()
O4 - HKCU..\Run: [fheydbueyj.exe] C:\fheydbueyj.exe\fheydbueyj.exe ()
O4 - HKCU..\Run: [Pbucidequb] C:\Users\Florian\AppData\Local\dizicd.DLL ()
O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\AutoRun\command - "" = H:\EmDesk.exe -- File not found
O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\EmDesk\command - "" = H:\EmDesk.exe -- File not found
[2010.10.12 09:28:00 | 000,001,507 | ---- | M] () -- C:\Users\Florian\Desktop\pornotube.com.lnk
[2010.10.12 09:28:00 | 000,001,503 | ---- | M] () -- C:\Users\Florian\Desktop\nudetube.com.lnk
[2010.10.12 09:28:00 | 000,001,499 | ---- | M] () -- C:\Users\Florian\Desktop\youporn.com.lnk
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\troj000.exe
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam003.exe
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam001.exe
[2008.09.11 19:00:55 | 000,082,432 | ---- | C] () -- C:\Users\Florian\AppData\Local\dizicd.dll
@Alternate Data Stream - 48 bytes -> C:\Windows:CD18E6804605E78C
:Commands
[emptytemp]
[Reboot]
Combofix: Download Combo Fix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop. Switch off your antivirus solution completely, in such a way that it does NOT switch itself back on after a reboot! Warning: In a few rare cases the computer may no longer be able to boot and will have to be set up again from scratch! Close all windows, start combofix.exe, confirm the prompt that follows with 1 and press Enter. The scan with Combofix can take some time, so have a little patience. Please do not do anything on the computer during the scan. The computer may be restarted in between. After the scan ends, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread. chris
__________________ Don't bring me down Read this before posting! Donations (anyone who wants to donate is welcome to get in touch) |
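An added example, not part of chris's post and not OTL's own logic: a small triage pass over the `O4` autorun lines of an OTL log that singles out entries like the three HKCU `Run` values listed in the fix above. The heuristic (empty company field plus a path outside `Program Files`/`Windows`) and all function names are assumptions made for illustration; the sample lines are copied from the log in this thread.

```python
import ntpath
import re
from typing import Dict, List, NamedTuple, Optional, Tuple

# O4 (autorun) lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe File not found
O4 - HKLM..\Run: [UIExec] C:\Program Files\Join Air\UIExec.exe ()
O4 - HKCU..\Run: [dfrgsnapnt.exe] C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()
O4 - HKCU..\Run: [fheydbueyj.exe] C:\fheydbueyj.exe\fheydbueyj.exe ()
O4 - HKCU..\Run: [Pbucidequb] C:\Users\Florian\AppData\Local\dizicd.DLL ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
"""

class RunEntry(NamedTuple):
    hive: str
    key: str
    name: str
    path: str
    company: Optional[str]  # None when OTL printed no "(company)" field
    missing: bool           # True when OTL printed "File not found"

O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\.\.\\(Run|RunOnce): \[(.*?)\] ?(.*)$")
TAIL_RE = re.compile(r"^(?P<path>.*?) \((?P<company>[^()]*)\)$")
NOT_FOUND = "File not found"
# Assumption: these install roots are not writable by a standard user.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

def parse_o4(line: str) -> Optional[RunEntry]:
    """Parse one OTL 'O4' line; return None for any other log line."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    hive, key, name, rest = m.groups()
    rest = rest.strip()
    if rest.endswith(NOT_FOUND):
        return RunEntry(hive, key, name, rest[:-len(NOT_FOUND)].strip(), None, True)
    tail = TAIL_RE.match(rest)
    if not tail:
        return RunEntry(hive, key, name, rest, None, False)
    return RunEntry(hive, key, name, tail["path"], tail["company"].strip(), False)

def reasons(entry: RunEntry) -> List[str]:
    """Why an autorun entry deserves a closer look (empty list = nothing flagged)."""
    if entry.missing or entry.company:
        return []  # orphaned value, or the binary carries a vendor string
    path = entry.path.lower()
    if path.startswith(TRUSTED_ROOTS):
        return []
    found = ["no company name, outside Program Files/Windows"]
    if "\\temp\\" in path:
        found.append("runs from a Temp directory")
    parent = ntpath.basename(ntpath.dirname(path))
    if ntpath.splitext(parent)[1] in (".exe", ".dll", ".scr"):
        found.append("parent folder named like an executable")
    if path.endswith(".dll"):
        found.append("Run value points at a DLL")
    return found

def triage(log: str) -> Tuple[Dict[str, List[str]], List[str]]:
    """Return ({value name: reasons} for flagged entries, names of orphaned values)."""
    flagged: Dict[str, List[str]] = {}
    orphans: List[str] = []
    for line in log.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        if entry.missing:
            orphans.append(entry.name)
            continue
        why = reasons(entry)
        if why:
            flagged[entry.name] = why
    return flagged, orphans

if __name__ == "__main__":
    flagged, orphans = triage(SAMPLE_LOG)
    for name, why in flagged.items():
        print(f"[review] {name}: {'; '.join(why)}")
    print("orphaned Run values:", orphans)
```

A flag here only marks an entry for manual review; an empty company field alone is common for legitimate software, as the `UIExec` line shows.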
12.10.2010, 14:59 | #10 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( I'm going crazy... there's no results window for me???? by the way, I'm thrilled with the help here : ) |
12.10.2010, 15:01 | #11 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( this maybe?? Error: Unable to interpret <OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.10.2010 15:22:37 - Run 2> in the current context! Error: Unable to interpret <OTL by OldTimer - Version 3.2.15.1 Folder = C:\Users\Florian\Downloads> in the current context! Error: Unable to interpret <Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 7.0.6001.18000)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free> in the current context! Error: Unable to interpret <4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files> in the current context! Error: Unable to interpret <Drive C: | 159,12 Gb Total Space | 6,20 Gb Free Space | 3,90% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive D: | 7,54 Gb Total Space | 2,28 Gb Free Space | 30,24% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive F: | 66,23 Gb Total Space | 60,93 Gb Free Space | 91,99% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive G: | 966,72 Mb Total Space | 631,34 Mb Free Space | 65,31% Space Free | Partition Type: FAT32> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: WILLI | User Name: Florian | Logged in as Administrator.> in the current context! 
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context! Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <PRC - C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\UIMain.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\CMUpdater.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\AssistantServices.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\UIExec.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)> in the current context! 
Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <MOD - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)> in the current context! Error: Unable to interpret <MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! 
Error: Unable to interpret <SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context! Error: Unable to interpret <SRV - (UI Assistant Service) -- C:\Program Files\Join Air\AssistantServices.exe ()> in the current context! Error: Unable to interpret <SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret <SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)> in the current context! Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)> in the current context! Error: Unable to interpret <SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()> in the current context! Error: Unable to interpret <SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()> in the current context! Error: Unable to interpret <SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)> in the current context! Error: Unable to interpret <SRV - (ColdFusion MX Application Server) -- C:\CFusionMX\runtime\bin\jrunsvc.exe (Macromedia Inc.)> in the current context! Error: Unable to interpret <SRV - (ColdFusion MX ODBC Agent) -- C:\CFusionMX\db\slserver52\bin\swagent.exe ()> in the current context! 
Error: Unable to interpret <SRV - (ColdFusion MX ODBC Server) -- C:\CFusionMX\db\slserver52\bin\swstrtr.exe ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found> in the current context! Error: Unable to interpret <DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found> in the current context! Error: Unable to interpret <DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found> in the current context! Error: Unable to interpret <DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found> in the current context! Error: Unable to interpret <DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)> in the current context! Error: Unable to interpret <DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)> in the current context! Error: Unable to interpret <DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)> in the current context! Error: Unable to interpret <DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)> in the current context! 
Error: Unable to interpret <DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)> in the current context! Error: Unable to interpret <DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)> in the current context! Error: Unable to interpret <DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)> in the current context! Error: Unable to interpret <DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)> in the current context! Error: Unable to interpret <DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)> in the current context! Error: Unable to interpret <DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)> in the current context! Error: Unable to interpret <DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)> in the current context! Error: Unable to interpret <DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)> in the current context! Error: Unable to interpret <DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)> in the current context! Error: Unable to interpret <DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)> in the current context! 
Error: Unable to interpret <DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)> in the current context! Error: Unable to interpret <DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)> in the current context! Error: Unable to interpret <DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)> in the current context! Error: Unable to interpret <DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)> in the current context! Error: Unable to interpret <DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)> in the current context! Error: Unable to interpret <DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)> in the current context! Error: Unable to interpret <DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)> in the current context! Error: Unable to interpret <DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)> in the current context! Error: Unable to interpret <DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)> in the current context! Error: Unable to interpret <DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)> in the current context! Error: Unable to interpret <DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)> in the current context! 
Error: Unable to interpret <DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)> in the current context! Error: Unable to interpret <DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)> in the current context! Error: Unable to interpret <DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)> in the current context! Error: Unable to interpret <DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)> in the current context! Error: Unable to interpret <DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)> in the current context! Error: Unable to interpret <DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)> in the current context! Error: Unable to interpret <DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)> in the current context! Error: Unable to interpret <DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)> in the current context! 
Error: Unable to interpret <DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)> in the current context! Error: Unable to interpret <DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)> in the current context! Error: Unable to interpret <DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)> in the current context! Error: Unable to interpret <DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)> in the current context! Error: Unable to interpret <DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)> in the current context! Error: Unable to interpret <DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)> in the current context! Error: Unable to interpret <DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)> in the current context! Error: Unable to interpret <DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)> in the current context! Error: Unable to interpret <DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)> in the current context! Error: Unable to interpret <DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)> in the current context! Error: Unable to interpret <DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)> in the current context! Error: Unable to interpret <DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)> in the current context! Error: Unable to interpret <DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)> in the current context! Error: Unable to interpret <DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)> in the current context! Error: Unable to interpret <DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)> in the current context! 
Error: Unable to interpret <DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)> in the current context! Error: Unable to interpret <DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)> in the current context! Error: Unable to interpret <DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)> in the current context! Error: Unable to interpret <DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)> in the current context! Error: Unable to interpret <DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)> in the current context! Error: Unable to interpret <DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)> in the current context! Error: Unable to interpret <DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)> in the current context! Error: Unable to interpret <DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)> in the current context! Error: Unable to interpret <DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! 
Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop> in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm> in the current context! Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop> in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1> in the current context! Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== FireFox ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.tagesschau.de/"> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.8.6> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1> in the current context! 
Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.18 19:07:25 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.18 19:07:24 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2008.09.05 17:42:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2010.02.13 16:51:28 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions> in the current context! Error: Unable to interpret <[2009.09.12 23:54:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}> in the current context! Error: Unable to interpret <[2009.01.25 13:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}> in the current context! Error: Unable to interpret <[2009.12.17 19:52:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}> in the current context! Error: Unable to interpret <[2010.02.13 08:42:13 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}> in the current context! 
Error: Unable to interpret <[2009.12.17 19:52:01 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\omgrzihv.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}> in the current context! Error: Unable to interpret <[2009.11.27 12:02:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions> in the current context! Error: Unable to interpret <[2008.09.05 17:42:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\inspector@mozilla.org> in the current context! Error: Unable to interpret <[2009.02.09 19:25:08 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2009.02.09 19:25:08 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2009.02.09 19:25:08 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2009.02.09 19:25:08 | 000,000,986 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2009.02.09 19:25:08 | 000,000,801 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2010.03.16 00:09:59 | 000,380,638 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: ::1 localhost> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.007guard.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 007guard.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 008i.com> in the current context! 
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.008k.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 008k.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.00hq.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 00hq.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 010402.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.032439.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 032439.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.0scan.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 0scan.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.1000gratisproben.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 1000gratisproben.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.1001namen.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 1001namen.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.100888290cs.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 100888290cs.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.100sexlinks.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 100sexlinks.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 10sek.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.10sek.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 1-2005-search.com> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.1-2005-search.com> in the current context! Error: Unable to interpret <O1 - Hosts: 13114 more lines...> in the current context! 
Error: Unable to interpret <O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [] File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [EfreeSoft Boss Key] C:\Program Files\Mgboss\mgboss.exe File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe File not found> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [UIExec] C:\Program Files\Join Air\UIExec.exe ()> in the current context! 
Error: Unable to interpret <O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <O4 - HKCU..\Run: [dfrgsnapnt.exe] C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()> in the current context! Error: Unable to interpret <O4 - HKCU..\Run: [fheydbueyj.exe] C:\fheydbueyj.exe\fheydbueyj.exe ()> in the current context! Error: Unable to interpret <O4 - HKCU..\Run: [Pbucidequb] C:\Users\Florian\AppData\Local\dizicd.DLL ()> in the current context! Error: Unable to interpret <O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)> in the current context! Error: Unable to interpret <O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context! Error: Unable to interpret <O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)> in the current context! Error: Unable to interpret <O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)> in the current context! 
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img5.jpg> in the current context! Error: Unable to interpret <O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img5.jpg> in the current context! Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context! Error: Unable to interpret <O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]> in the current context! Error: Unable to interpret <O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]> in the current context! Error: Unable to interpret <O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\AutoRun\command - "" = H:\EmDesk.exe -- File not found> in the current context! Error: Unable to interpret <O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\EmDesk\command - "" = H:\EmDesk.exe -- File not found> in the current context! Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *) - File not found> in the current context! 
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2010.10.12 09:16:10 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes> in the current context! Error: Unable to interpret <[2010.10.12 09:15:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys> in the current context! Error: Unable to interpret <[2010.10.12 09:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context! Error: Unable to interpret <[2010.10.12 09:15:52 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys> in the current context! Error: Unable to interpret <[2010.10.12 09:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2010.10.12 08:54:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\AnVi> in the current context! Error: Unable to interpret <[2010.10.12 01:51:32 | 000,000,000 | ---D | C] -- C:\DBControl> in the current context! Error: Unable to interpret <[2010.10.11 23:35:58 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\DBControl> in the current context! Error: Unable to interpret <[2010.10.05 01:49:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\kein 75 tage bis weihnacten> in the current context! 
Error: Unable to interpret <[2010.10.05 01:48:48 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\Neuer Ordner (3)> in the current context! Error: Unable to interpret <[2010.09.29 22:50:50 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe> in the current context! Error: Unable to interpret <[2010.09.29 22:50:50 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll> in the current context! Error: Unable to interpret <[2010.09.29 22:50:50 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll> in the current context! Error: Unable to interpret <[2010.09.15 16:48:42 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Nvu> in the current context! Error: Unable to interpret <[2010.09.15 16:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\Nvu> in the current context! Error: Unable to interpret <[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2010.10.12 15:30:13 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA26E69E-EA0D-4B6D-94D2-2BCE8EF98532}.job> in the current context! Error: Unable to interpret <[2010.10.12 15:26:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2010.10.12 15:26:15 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0> in the current context! 
Error: Unable to interpret <[2010.10.12 15:19:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2010.10.12 10:29:19 | 000,042,381 | ---- | M] () -- C:\ProgramData\nvModes.001> in the current context! Error: Unable to interpret <[2010.10.12 10:29:07 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini> in the current context! Error: Unable to interpret <[2010.10.12 10:28:54 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context! Error: Unable to interpret <[2010.10.12 10:19:04 | 000,352,615 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml> in the current context! Error: Unable to interpret <[2010.10.12 10:18:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context! Error: Unable to interpret <[2010.10.12 10:18:44 | 2079,150,080 | -HS- | M] () -- C:\hiberfil.sys> in the current context! Error: Unable to interpret <[2010.10.12 09:49:20 | 000,000,799 | ---- | M] () -- C:\Users\Florian\Desktop\mbam-log-2010-10-12 (09-48-23) - Verknüpfung.lnk> in the current context! Error: Unable to interpret <[2010.10.12 09:28:00 | 000,001,507 | ---- | M] () -- C:\Users\Florian\Desktop\pornotube.com.lnk> in the current context! Error: Unable to interpret <[2010.10.12 09:28:00 | 000,001,503 | ---- | M] () -- C:\Users\Florian\Desktop\nudetube.com.lnk> in the current context! Error: Unable to interpret <[2010.10.12 09:28:00 | 000,001,499 | ---- | M] () -- C:\Users\Florian\Desktop\youporn.com.lnk> in the current context! Error: Unable to interpret <[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\troj000.exe> in the current context! Error: Unable to interpret <[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam003.exe> in the current context! 
Error: Unable to interpret <[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam001.exe> in the current context! Error: Unable to interpret <[2010.10.12 09:16:02 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context! Error: Unable to interpret <[2010.10.11 22:03:56 | 000,042,381 | ---- | M] () -- C:\ProgramData\nvModes.dat> in the current context! Error: Unable to interpret <[2010.10.05 16:57:25 | 000,236,032 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2010.09.17 20:26:07 | 000,004,904 | ---- | M] () -- C:\Users\Florian\Documents\Audio_091610_210546.roxio> in the current context! Error: Unable to interpret <[2010.09.15 16:48:39 | 000,000,650 | ---- | M] () -- C:\Users\Florian\Desktop\Nvu.lnk> in the current context! Error: Unable to interpret <[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2010.10.12 09:49:20 | 000,000,799 | ---- | C] () -- C:\Users\Florian\Desktop\mbam-log-2010-10-12 (09-48-23) - Verknüpfung.lnk> in the current context! Error: Unable to interpret <[2010.10.12 09:16:02 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context! Error: Unable to interpret <[2010.10.12 00:57:42 | 000,001,507 | ---- | C] () -- C:\Users\Florian\Desktop\pornotube.com.lnk> in the current context! Error: Unable to interpret <[2010.10.12 00:57:42 | 000,001,503 | ---- | C] () -- C:\Users\Florian\Desktop\nudetube.com.lnk> in the current context! 
Error: Unable to interpret <[2010.10.12 00:57:42 | 000,001,499 | ---- | C] () -- C:\Users\Florian\Desktop\youporn.com.lnk> in the current context! Error: Unable to interpret <[2010.10.12 00:57:42 | 000,000,001 | ---- | C] () -- C:\Users\Florian\Desktop\troj000.exe> in the current context! Error: Unable to interpret <[2010.10.12 00:57:42 | 000,000,001 | ---- | C] () -- C:\Users\Florian\Desktop\spam003.exe> in the current context! Error: Unable to interpret <[2010.10.12 00:57:42 | 000,000,001 | ---- | C] () -- C:\Users\Florian\Desktop\spam001.exe> in the current context! Error: Unable to interpret <[2010.10.11 23:35:58 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Local\googleupdate.log> in the current context! Error: Unable to interpret <[2010.09.17 20:26:07 | 000,004,904 | ---- | C] () -- C:\Users\Florian\Documents\Audio_091610_210546.roxio> in the current context! Error: Unable to interpret <[2010.09.15 16:48:39 | 000,000,650 | ---- | C] () -- C:\Users\Florian\Desktop\Nvu.lnk> in the current context! Error: Unable to interpret <[2010.02.13 08:21:05 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll> in the current context! Error: Unable to interpret <[2009.07.21 10:03:16 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll> in the current context! Error: Unable to interpret <[2009.07.21 10:03:16 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll> in the current context! Error: Unable to interpret <[2009.04.01 16:35:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat> in the current context! Error: Unable to interpret <[2009.03.08 13:40:51 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll> in the current context! Error: Unable to interpret <[2009.02.18 20:25:04 | 000,042,381 | ---- | C] () -- C:\ProgramData\nvModes.001> in the current context! Error: Unable to interpret <[2009.02.18 20:25:02 | 000,042,381 | ---- | C] () -- C:\ProgramData\nvModes.dat> in the current context! 
Error: Unable to interpret <[2009.02.07 16:36:53 | 000,000,680 | ---- | C] () -- C:\Users\Florian\AppData\Local\d3d9caps.dat> in the current context! Error: Unable to interpret <[2009.01.20 20:35:33 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,491,520 | ---- | C] () -- C:\Windows\System32\cfvalidator.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,442,368 | ---- | C] () -- C:\Windows\System32\cfssvradmin.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,270,336 | ---- | C] () -- C:\Windows\System32\CfShellFtpRds.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,147,456 | ---- | C] () -- C:\Windows\System32\CFFileProxy.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,114,688 | ---- | C] () -- C:\Windows\System32\CfRds.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:57 | 000,069,632 | ---- | C] () -- C:\Windows\System32\CFFtp.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:53 | 000,777,728 | ---- | C] () -- C:\Windows\System32\SSLSVC.DLL> in the current context! Error: Unable to interpret <[2008.12.21 13:35:53 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\cfmsg.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:53 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:51 | 000,114,688 | ---- | C] () -- C:\Windows\System32\lang_cfml.dll> in the current context! Error: Unable to interpret <[2008.12.21 13:35:51 | 000,028,672 | ---- | C] () -- C:\Windows\System32\xml_datagrove.dll> in the current context! 
Error: Unable to interpret <[2008.12.21 11:40:26 | 000,000,734 | ---- | C] () -- C:\Windows\ODBC.INI> in the current context! Error: Unable to interpret <[2008.11.26 00:12:04 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib> in the current context! Error: Unable to interpret <[2008.09.11 19:00:55 | 000,082,432 | ---- | C] () -- C:\Users\Florian\AppData\Local\dizicd.dll> in the current context! Error: Unable to interpret <[2008.03.17 22:04:56 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html> in the current context! Error: Unable to interpret <[2007.12.12 17:33:54 | 000,236,032 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2007.12.12 17:21:30 | 000,041,621 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\nvModes.001> in the current context! Error: Unable to interpret <[2007.12.12 17:21:25 | 000,041,621 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\nvModes.dat> in the current context! Error: Unable to interpret <[2007.12.12 17:02:10 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Local\QSwitch.txt> in the current context! Error: Unable to interpret <[2007.12.12 17:02:10 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Local\DSwitch.txt> in the current context! Error: Unable to interpret <[2007.12.12 17:02:10 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Local\AtStart.txt> in the current context! Error: Unable to interpret <[2007.08.18 10:37:05 | 000,000,320 | ---- | C] () -- C:\ProgramData\hpzinstall.log> in the current context! Error: Unable to interpret <[2007.02.27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini> in the current context! Error: Unable to interpret <[2006.12.14 08:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll> in the current context! 
Error: Unable to interpret <[2006.12.14 08:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll> in the current context! Error: Unable to interpret <[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll> in the current context! Error: Unable to interpret <[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll> in the current context! Error: Unable to interpret <[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll> in the current context! Error: Unable to interpret <[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini> in the current context! Error: Unable to interpret <[2006.03.10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll> in the current context! Error: Unable to interpret <[2005.05.07 14:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll> in the current context! Error: Unable to interpret <[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <@Alternate Data Stream - 48 bytes -> C:\Windows:CD18E6804605E78C> in the current context! Error: Unable to interpret << End of report > > in the current context! OTL by OldTimer - Version 3.2.15.1 log created on 10122010_155250 |
12.10.2010, 15:03 | #12 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( damn, now everyone can see that I wanted to download porn *cough* *blushes* |
12.10.2010, 15:05 | #13 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( ah, I was just too hasty: Error: Unable to interpret <OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.10.2010 15:22:37 - Run 2> in the current context! Error: Unable to interpret <OTL by OldTimer - Version 3.2.15.1 Folder = C:\Users\Florian\Downloads> in the current context! Error: Unable to interpret <Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 7.0.6001.18000)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free> in the current context! Error: Unable to interpret <4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files> in the current context! Error: Unable to interpret <Drive C: | 159,12 Gb Total Space | 6,20 Gb Free Space | 3,90% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive D: | 7,54 Gb Total Space | 2,28 Gb Free Space | 30,24% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive F: | 66,23 Gb Total Space | 60,93 Gb Free Space | 91,99% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive G: | 966,72 Mb Total Space | 631,34 Mb Free Space | 65,31% Space Free | Partition Type: FAT32> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: WILLI | User Name: Florian | Logged in as Administrator.> in the current context! 
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user> in the current context! Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <PRC - C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\UIMain.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\CMUpdater.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\AssistantServices.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Join Air\UIExec.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)> in the current context! 
Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <MOD - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)> in the current context! Error: Unable to interpret <MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! 
Error: Unable to interpret <SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)> in the current context! Error: Unable to interpret <SRV - (UI Assistant Service) -- C:\Program Files\Join Air\AssistantServices.exe ()> in the current context! Error: Unable to interpret <SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret <SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)> in the current context! Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)> in the current context! Error: Unable to interpret <SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)> in the current context! Error: Unable to interpret <SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()> in the current context! Error: Unable to interpret <SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()> in the current context! Error: Unable to interpret <SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)> in the current context! Error: Unable to interpret <SRV - (ColdFusion MX Application Server) -- C:\CFusionMX\runtime\bin\jrunsvc.exe (Macromedia Inc.)> in the current context! Error: Unable to interpret <SRV - (ColdFusion MX ODBC Agent) -- C:\CFusionMX\db\slserver52\bin\swagent.exe ()> in the current context! 
Error: Unable to interpret <SRV - (ColdFusion MX ODBC Server) -- C:\CFusionMX\db\slserver52\bin\swstrtr.exe ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found> in the current context! Error: Unable to interpret <DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found> in the current context! Error: Unable to interpret <DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found> in the current context! Error: Unable to interpret <DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found> in the current context! Error: Unable to interpret <DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)> in the current context! Error: Unable to interpret <DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)> in the current context! Error: Unable to interpret <DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)> in the current context! Error: Unable to interpret <DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)> in the current context! Error: Unable to interpret <DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)> in the current context! 
OTL by OldTimer - Version 3.2.15.1 log created on 10122010_155250 |
12.10.2010, 15:16 | #14 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( Hi, still not right: copy the following text into the OTL window, do not copy the OTL log into the OTL window, take it easy ;o)... Fix for OTL:
Code:
:OTL
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [dfrgsnapnt.exe] C:\Users\Florian\AppData\Local\Temp\dfrgsnapnt.exe ()
O4 - HKCU..\Run: [fheydbueyj.exe] C:\fheydbueyj.exe\fheydbueyj.exe ()
O4 - HKCU..\Run: [Pbucidequb] C:\Users\Florian\AppData\Local\dizicd.DLL ()
O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\AutoRun\command - "" = H:\EmDesk.exe -- File not found
O33 - MountPoints2\{a126996f-9408-11de-b8f8-001b24e0d214}\Shell\EmDesk\command - "" = H:\EmDesk.exe -- File not found
[2010.10.12 09:28:00 | 000,001,507 | ---- | M] () -- C:\Users\Florian\Desktop\pornotube.com.lnk
[2010.10.12 09:28:00 | 000,001,503 | ---- | M] () -- C:\Users\Florian\Desktop\nudetube.com.lnk
[2010.10.12 09:28:00 | 000,001,499 | ---- | M] () -- C:\Users\Florian\Desktop\youporn.com.lnk
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\troj000.exe
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam003.exe
[2010.10.12 09:28:00 | 000,000,001 | ---- | M] () -- C:\Users\Florian\Desktop\spam001.exe
[2008.09.11 19:00:55 | 000,082,432 | ---- | C] () -- C:\Users\Florian\AppData\Local\dizicd.dll
@Alternate Data Stream - 48 bytes -> C:\Windows:CD18E6804605E78C

:Commands
[emptytemp]
[Reboot]
chris
__________________ Don't bring me down Read before posting! Donate (Anyone who wants to donate is welcome to get in touch ) |
12.10.2010, 15:17 | #15 |
| tr/crypt.xpack.gen3 I have no clue about anything : ((( I hope I've now managed to set it up so that AntiVir doesn't start. Restart now, or should I wait until you've said something about the log files? I'd rather wait, I have to leave now anyway and won't be back until tonight. Thanks a lot in any case, already!!!!!!!!!!!!!!!! |