
Pests of all kinds and how to combat them: AVIRA finds TR/Crypt.XPACK.Gen3 in C:\Windows\..\..\..\\local\imezezoc.dll


02.01.2011, 13:22   #1
Rockhofener
 



Hello and happy new year.

I'm brand new here in the forum and hope for your support. My Avira found:

In der Datei 'C:\Windows\System32\config\systemprofile\AppData\Local\imezezoc.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Here is the OTL file
What do I have to do????

OTL Logfile:
Code:
OTL logfile created on: 02.01.2011 13:05:34 - Run 1
OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\Jones\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 57,21 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 71,66 Gb Free Space | 51,01% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,31 Gb Free Space | 16,73% Space Free | Partition Type: FAT
 
Computer Name: JONES-LAPPY | User Name: Jones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jones\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\o2 Verbindungsmanager\BRService.exe (BandRich Inc.)
PRC - C:\Program Files\o2 Verbindungsmanager\CManager.exe (BandRich Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Users\Jones\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jones\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SysHook.dll (Acer Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BandLuxe_Service) -- C:\Program Files\o2 Verbindungsmanager\BRService.exe (BandRich Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (NTIBackupSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (br3gmdm) -- C:\Windows\System32\drivers\br3gmdm.sys (BandRich Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (A310) -- C:\Windows\System32\drivers\AVerA310USB.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (BDASwCap) -- C:\Windows\System32\drivers\AVerA310Cap.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0509&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0509&m=aspire_6930g
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0509&m=aspire_6930g
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.1und1.de/?ref=EasyLogin
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {E9BD34E2-E513-4215-8ECF-525A63A0ADF9}:1.9.1
FF - prefs.js..extensions.enabledItems: {19F5303C-453A-406D-B0E9-6FFAA07D5F63}:1.9.1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{E9BD34E2-E513-4215-8ECF-525A63A0ADF9}: C:\Windows\system32\config\systemprofile\AppData\Local\{E9BD34E2-E513-4215-8ECF-525A63A0ADF9}\ [2010.12.22 12:43:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{19F5303C-453A-406D-B0E9-6FFAA07D5F63}: C:\Users\Jones\AppData\Local\{19F5303C-453A-406D-B0E9-6FFAA07D5F63} [2010.12.23 15:42:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.30 00:29:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.30 00:29:20 | 000,000,000 | ---D | M]
 
[2010.10.02 15:20:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jones\AppData\Roaming\mozilla\Extensions
[2010.10.02 15:20:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jones\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2011.01.02 03:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jones\AppData\Roaming\mozilla\Firefox\Profiles\0eoebr5k.default\extensions
[2010.05.02 10:25:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jones\AppData\Roaming\mozilla\Firefox\Profiles\0eoebr5k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.12 23:31:57 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jones\AppData\Roaming\mozilla\Firefox\Profiles\0eoebr5k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.02 03:24:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.04 23:23:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.23 15:42:00 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\JONES\APPDATA\LOCAL\{19F5303C-453A-406D-B0E9-6FFAA07D5F63}
[2010.12.22 12:43:23 | 000,000,000 | ---D | M] (XULRunner) -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\{E9BD34E2-E513-4215-8ECF-525A63A0ADF9}
[2010.06.04 23:23:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Gsezozabulamufoy] C:\Windows\System32\config\systemprofile\AppData\Local\imezezoc.DLL File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jones\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\Transfer\Rockhofener\Jubimaschine\MBAviationImagesRichthofenBandAchtFr.jpg
O24 - Desktop BackupWallPaper: D:\Transfer\Rockhofener\Jubimaschine\MBAviationImagesRichthofenBandAchtFr.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3351f0b8-43a8-11de-a645-00238b6afaa8}\Shell - "" = AutoRun
O33 - MountPoints2\{3351f0b8-43a8-11de-a645-00238b6afaa8}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{3351f0b8-43a8-11de-a645-00238b6afaa8}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe -- File not found
O33 - MountPoints2\{4fe6ea2d-6fb8-11de-aa47-8000600fe800}\Shell\AutoRun\command - "" = I:\Menu.exe -- File not found
O33 - MountPoints2\{832e1beb-8113-11de-ab2e-8000600fe800}\Shell - "" = AutoRun
O33 - MountPoints2\{832e1beb-8113-11de-ab2e-8000600fe800}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b9ecfd7b-50b9-11df-85af-00238b6afaa8}\Shell\AutoRun\command - "" = H:\Menu.exe -- File not found
O33 - MountPoints2\{c6540ced-bff3-11de-b56e-00238b6afaa8}\Shell\AutoRun\command - "" = H:\Toshiba\more4you.exe -- File not found
O33 - MountPoints2\{cc743eab-c36f-11df-8ff7-00238b6afaa8}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{e3988475-5bc7-11de-8291-8000600fe800}\Shell\AutoRun\command - "" = F:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{e3988475-5bc7-11de-8291-8000600fe800}\Shell\dismount\command - "" = F:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{e3988475-5bc7-11de-8291-8000600fe800}\Shell\start\command - "" = F:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{e8471dd3-9fab-11de-a597-00238b6afaa8}\Shell\AutoRun\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\{e8471dd3-9fab-11de-a597-00238b6afaa8}\Shell\verb\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\{e8471ea9-9fab-11de-a597-00238b6afaa8}\Shell - "" = AutoRun
O33 - MountPoints2\{e8471ea9-9fab-11de-a597-00238b6afaa8}\Shell\AutoRun\command - "" = H:\AUTORUN_o2Surfstick.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.23 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab Video Converter
[2010.12.23 15:42:00 | 000,000,000 | ---D | C] -- C:\Users\Jones\AppData\Local\{19F5303C-453A-406D-B0E9-6FFAA07D5F63}
[2010.12.22 11:48:27 | 000,000,000 | ---D | C] -- C:\Users\Jones\Documents\AVS4YOU
[2010.12.22 10:40:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010.12.22 10:40:28 | 000,000,000 | ---D | C] -- C:\Users\Jones\AppData\Roaming\AVS4YOU
[2010.12.22 10:34:12 | 000,000,000 | ---D | C] -- C:\Users\Jones\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2010.12.22 10:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2010.12.22 10:32:04 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\libmfxsw32.dll
[2010.12.22 10:32:03 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\libmfxhw32.dll
[2010.12.22 10:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010.12.22 10:30:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2010.12.22 10:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010.12.21 21:54:41 | 000,000,000 | ---D | C] -- C:\Users\Jones\Documents\IMx3SEVer6
[2010.12.21 21:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\PIXELA
[2010.12.21 20:14:13 | 000,000,000 | ---D | C] -- C:\Users\Jones\Desktop\hochzeitsvideo
[2010.12.17 21:53:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.17 21:53:30 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.17 21:53:30 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.17 21:53:30 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.17 21:53:29 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.17 21:53:27 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.17 21:53:25 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.17 21:53:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.17 21:53:25 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.17 21:53:22 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.17 21:53:21 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.17 21:53:19 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.17 21:53:18 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.12.17 21:53:18 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.17 21:53:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.12.10 18:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2008.11.28 03:43:27 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.02 12:59:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.02 11:17:39 | 000,621,952 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.02 11:17:39 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.02 11:17:39 | 000,123,852 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.02 11:17:39 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.02 11:13:57 | 000,242,923 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.01.02 11:12:49 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.02 11:12:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.02 11:12:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.02 11:12:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.02 11:12:09 | 3215,826,944 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.02 11:06:32 | 000,051,712 | ---- | M] () -- C:\Users\Jones\Desktop\endfassungen.MSWMM
[2011.01.02 10:05:57 | 000,002,339 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.02 08:57:50 | 000,242,923 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.01.01 03:06:00 | 000,000,000 | ---- | M] () -- C:\Users\Jones\AppData\Local\Umuyuteroyow.bin
[2011.01.01 03:05:59 | 000,000,120 | ---- | M] () -- C:\Users\Jones\AppData\Local\Vpoluresiqaquzuw.dat
[2010.12.30 00:29:21 | 000,001,688 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.23 15:36:31 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.12.22 17:48:14 | 000,229,376 | ---- | M] () -- C:\Users\Jones\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.22 10:37:45 | 000,409,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.22 10:34:14 | 000,001,050 | ---- | M] () -- C:\Users\Jones\Desktop\AVS4YOU Software Navigator.lnk
[2010.12.22 10:33:04 | 000,000,958 | ---- | M] () -- C:\Users\Jones\Desktop\AVS Video Editor.lnk
[2010.12.21 19:57:25 | 000,007,592 | ---- | M] () -- C:\Users\Jones\AppData\Local\d3d9caps.dat
[2010.12.13 17:56:26 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2010.12.13 17:55:52 | 010,915,840 | ---- | M] (Intel Corporation) -- C:\Windows\System32\libmfxhw32.dll
[2010.12.13 17:55:48 | 010,833,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\libmfxsw32.dll
 
========== Files Created - No Company Name ==========
 
[2011.01.02 11:06:32 | 000,051,712 | ---- | C] () -- C:\Users\Jones\Desktop\endfassungen.MSWMM
[2010.12.30 00:29:21 | 000,001,688 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.23 15:42:10 | 000,000,120 | ---- | C] () -- C:\Users\Jones\AppData\Local\Vpoluresiqaquzuw.dat
[2010.12.23 15:42:10 | 000,000,000 | ---- | C] () -- C:\Users\Jones\AppData\Local\Umuyuteroyow.bin
[2010.12.22 10:34:14 | 000,001,050 | ---- | C] () -- C:\Users\Jones\Desktop\AVS4YOU Software Navigator.lnk
[2010.12.22 10:33:04 | 000,000,958 | ---- | C] () -- C:\Users\Jones\Desktop\AVS Video Editor.lnk
[2010.10.22 09:41:36 | 000,004,096 | -H-- | C] () -- C:\Users\Jones\AppData\Local\keyfile3.drm
[2010.03.19 21:56:48 | 000,126,464 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.10.30 09:45:35 | 000,000,046 | ---- | C] () -- C:\Windows\Speed.INI
[2009.07.01 16:32:08 | 000,000,110 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini
[2009.07.01 14:32:08 | 000,000,000 | ---- | C] () -- C:\Windows\asym.ini
[2009.06.14 12:36:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.21 14:11:18 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.05.21 14:10:48 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.05.18 14:10:21 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009.05.18 13:32:46 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.05.16 17:36:18 | 000,229,376 | ---- | C] () -- C:\Users\Jones\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.16 17:23:41 | 000,242,923 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.16 17:21:50 | 000,242,923 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.05.16 15:52:06 | 000,003,531 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.05.16 15:10:19 | 000,007,592 | ---- | C] () -- C:\Users\Jones\AppData\Local\d3d9caps.dat
[2008.11.28 03:41:42 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.11.27 20:26:09 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.11.27 20:26:09 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.11.27 19:54:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.11.27 19:45:50 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2009.05.26 20:22:17 | 000,000,000 | -HSD | M] -- C:\Users\Jones\AppData\Roaming\.#
[2009.09.15 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\1&1
[2008.11.27 20:21:02 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\Acer GameZone Console
[2009.05.19 14:33:08 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\Cakewalk
[2009.05.18 13:32:36 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\DAEMON Tools
[2010.10.12 23:31:56 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.05.16 17:04:32 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\eSobi
[2009.05.17 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\Gaijin Ent
[2011.01.02 09:04:01 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\ICQ
[2009.05.21 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\MAGIX
[2009.05.17 00:17:40 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\PlayFirst
[2009.05.16 17:57:11 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\PowerCinema
[2010.10.02 15:20:37 | 000,000,000 | ---D | M] -- C:\Users\Jones\AppData\Roaming\TomTom
[2011.01.02 11:02:14 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
OTL Extras logfile created on: 02.01.2011 13:05:35 - Run 1
OTL by OldTimer - Version 3.2.20.0 Folder = C:\Users\Jones\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 57,21 Gb Free Space | 39,72% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 71,66 Gb Free Space | 51,01% Space Free | Partition Type: NTFS
Drive H: | 1,83 Gb Total Space | 0,31 Gb Free Space | 16,73% Space Free | Partition Type: FAT
 
Computer Name: JONES-LAPPY | User Name: Jones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A92C121-8F1A-4470-9B67-9A1220E02CDD}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1737E145-ACB0-40A0-A89F-360BAAC7BB6B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1FF0FB53-EC4A-4F9A-A748-E465BD53FEEE}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{24045C1D-C087-4EC8-9AF9-BD09A386CAB3}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{245082CD-9204-48BF-9FC6-E4105145DF97}" = lport=138 | protocol=17 | dir=in | app=system | 
"{267DCAFE-1F72-47F4-A9A4-196AA2B26AEB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{327BDB15-69F5-4D85-97FC-2785467C0307}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3BE50DE2-7131-4E7D-A291-EEB80C229503}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3EDC5160-56C4-404C-813E-CDC82863359D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{48A9BF9D-A284-45D2-AAFA-D0CF439BD216}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4B07B87B-5493-4725-BF43-335BEF6AC0F3}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{4F067E97-30FD-4255-807C-3FEFE06DF86B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{622F3E76-F210-4139-AABD-7A59229629BA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{687645A4-15D9-49A1-AF7E-95DA1CBE5B3A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{77CB80CF-DB8E-4402-AC4B-4A67CA01A145}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{7EE20C2D-898E-45FB-831B-2902433B0412}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{83D35944-D3D9-47AD-849B-B77C3A79C434}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{86CEB524-4A11-4C9F-944E-2C063EA791EA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{88A5CA96-5E8E-4408-9048-B5A82F748794}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D037BE2-D2A9-42C7-BFE0-1AF59ADFF167}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{97FB803A-480B-4441-BFDC-1A59797E0FF9}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A1DDD460-8B22-4C26-9B0A-F7C4BCB167B9}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A69D25FA-71A3-4805-8101-C76D886B26E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B1BB9DAE-5603-4D73-839B-39D78D8052A5}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B402C245-4911-46CE-A7C4-9D19125297C5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B5EFFE74-F388-4AAA-987B-9E4F1C895F3B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B678A252-E4FB-4DF7-BDCA-AB0D310A0E96}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{BC4FB24C-D21E-4796-B762-062D557B3710}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{BF3A448C-C09F-4EF4-8BBA-00BF27DFB302}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{C2358868-28FA-4070-906A-51E67D9F3159}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D09ED56B-E230-47E0-8212-C141CC4D2362}" = rport=445 | protocol=6 | dir=out | app=system | 
"{EE9562BC-54FA-46FF-A8DC-F0A5898128DE}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F549C83F-4441-439A-A01E-BA204F7BAD83}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{FBE6F3DF-6E0A-441B-8FCA-3492044D83A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0858ABF2-1850-42D4-B599-C40001E8761B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{086EC653-FA0A-43FA-AF16-462B8014B700}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{08AF89A4-B2B7-48B5-B7B8-4079AB6CC83A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{10A81BA1-52AD-4E87-9658-5B10A7E71C1B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{148B3A7E-57B5-4EA4-8308-039A1058130F}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{18F17F9D-70AE-4246-AD64-DF8932B34E7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1D2699A9-AFA9-45E2-A695-2E93A3A8B4DB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{1E957802-7D42-4687-8ADD-3C35B35146A7}" = protocol=6 | dir=out | app=system | 
"{21D66CD9-03EF-48BB-9C3B-CEE7133F14AA}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe | 
"{2978079F-278E-4322-9304-495E4DB48F00}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\bumbastika\counter-strike source\hl2.exe | 
"{2ECB4E8B-F80C-49FC-A3F9-11103CAD2E28}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{353917B1-6128-4DBC-BF53-BD5938F4E412}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{3BE5473D-7C67-474F-9BC8-627E6687B9A6}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{3D101548-D3E0-4352-9BE3-C3AA5100E30D}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | 
"{463440D0-C136-4363-BB4B-6BAE6AAD4B2C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{5920254E-3858-4C68-9994-43DF6AEFDA8B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe | 
"{5CA7D81D-F69D-4E4A-8E73-0F75E99A62A0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{601F1F4B-97D8-4E88-9971-4F614965E0FD}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\bumbastika\counter-strike source\hl2.exe | 
"{63A800EA-0D37-4543-B83A-896527C3A505}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6CEDC1AA-E093-492F-8834-AC8C30ED8A69}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6F1D1B27-7BF8-460D-8D39-D49E26D98EFD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7115C579-8AA4-4537-B95E-1613032DF07D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{77D3C692-2DB7-4551-9DDF-1E90BD2A4E2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7AAA7D8A-DD25-43B9-A9E7-6C4603F4EA3F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{86D24BD9-3A52-4A6D-808A-611CF7EA8472}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{8844C102-F83F-40D9-92F3-D9059E3A0A62}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{8CD85602-DA40-46F2-820F-4FADE78CF4CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{940469E4-4C7C-42FE-8827-77B2BC360C22}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{9D171043-D6CB-4413-97F3-FBC1C0B9B607}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9DBBAEBE-39B7-4BA8-811B-DAF7BC7508FD}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{A08DFB95-ED70-48AF-9BC8-EBA54A1B280F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{A1FD9C47-AA4F-48AD-B523-7C93D99152AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6679CBE-B2B1-43B8-A0F6-57BB4284EEBB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{B112C92A-3AFC-4F99-8C03-DF23F6102F9A}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{B2A73551-878A-4751-8521-9F1B07D776C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B3A1984D-5A85-4C8E-B933-EBE0E1BDC1C3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B9DE9609-B655-48BB-A23C-7D89B5297552}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{BC2A7BB4-192A-4E70-B019-2D189DA89F3F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BFD6F2B4-AB7D-4190-A596-AFCD1DFFB85B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{C1CF9554-9D54-44C7-9F76-FCE849912332}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{C7E69E79-1E2D-41E7-A04B-DA852AD406E5}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe | 
"{C8318094-A15F-4BFF-9EA3-A46DBF72B8C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CF11998B-8036-4A2C-ABC0-744CFDBB2AB0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D05E096C-18EC-4FCD-A856-7A9812963225}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe | 
"{DAE1FEC5-24BA-4D20-8625-B502565A3151}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA4E213C-9982-4A14-842F-AF09881CC865}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{EF5D0301-041E-4139-961D-8E10C5B42D82}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{FA0E3BAB-7B8E-49F6-A8AF-73CA724FFDEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FE035979-3FB6-43AF-B33A-B0C3751E2F06}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{070A0E2B-0EE5-4DE3-B4A5-AFAE00DAA864}D:\cs + mods\half-life lan\hl.exe" = protocol=6 | dir=in | app=d:\cs + mods\half-life lan\hl.exe | 
"TCP Query User{07736C32-B23E-460B-8942-2B7ABABF46B5}H:\spiele\cs + mods\half-life lan\hl.exe" = protocol=6 | dir=in | app=h:\spiele\cs + mods\half-life lan\hl.exe | 
"TCP Query User{0F6EAA3E-0901-4ABF-B28E-41B0930ABB18}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{1E27EBAB-B687-40F5-AD9E-773C2FDB1188}C:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe | 
"TCP Query User{5601A8C1-8DEA-45FD-B2B8-6A74B350F394}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{6A667FB3-645B-44DF-9B36-5EA0D51AA8C6}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"TCP Query User{6E1465E9-619F-4402-B2DC-305853D6A159}C:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe | 
"TCP Query User{B583BF37-D451-4C39-ABD1-5F167E08F001}C:\users\jones\saved games\cs + mods\half-life lan\hl.exe" = protocol=6 | dir=in | app=c:\users\jones\saved games\cs + mods\half-life lan\hl.exe | 
"TCP Query User{D0163312-76E3-4DE3-BD09-85C1CE4171E2}C:\users\jones\saved games\cs + mods\half-life lan\hl.exe" = protocol=6 | dir=in | app=c:\users\jones\saved games\cs + mods\half-life lan\hl.exe | 
"TCP Query User{E7E2E446-3D80-499E-805A-2CF3C265963A}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{0C11AE68-AF92-4560-B19C-CD6BD11FB0A1}D:\cs + mods\half-life lan\hl.exe" = protocol=17 | dir=in | app=d:\cs + mods\half-life lan\hl.exe | 
"UDP Query User{404C84B8-FFB4-4CA7-9FF4-594D95FA19CD}C:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe | 
"UDP Query User{57ABBFDC-F00E-4FA9-AB09-7804065805C6}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{73AE7C5D-25FD-41F6-8D74-8D75C1FE927C}C:\users\jones\saved games\cs + mods\half-life lan\hl.exe" = protocol=17 | dir=in | app=c:\users\jones\saved games\cs + mods\half-life lan\hl.exe | 
"UDP Query User{755F9370-2B21-43CB-9E37-A2C9784D095E}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{878E3B6C-A38D-43EB-A330-B5C19444DE45}H:\spiele\cs + mods\half-life lan\hl.exe" = protocol=17 | dir=in | app=h:\spiele\cs + mods\half-life lan\hl.exe | 
"UDP Query User{89414AF8-4D0B-4D50-A223-983D5B032F3E}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"UDP Query User{AEB7E875-74BD-4B83-92A1-B359534223CF}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{C431D75A-D855-4A80-9A70-65AC2B566A5D}C:\users\jones\saved games\cs + mods\half-life lan\hl.exe" = protocol=17 | dir=in | app=c:\users\jones\saved games\cs + mods\half-life lan\hl.exe | 
"UDP Query User{F88CE8AB-D319-471F-A2C7-42268922AB64}C:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw_lanfixed.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi-Software
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}" = o2 Verbindungsmanager
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2A05B5-A80C-4F33-A388-51D46790AC9F}" = VAG-COM 311 Deutsch
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90AF0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EC14056-1A97-11D8-A8F3-0050DA519711}" = VAG-COM 303 Deutsch
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-09-21 16:18
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube Download_is1" = Free YouTube Download 2.10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"FTDICOMM" = FTDI USB Serial Converter Drivers
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SONAR6Producer_is1" = SONAR 6 Producer Edition
"Steam App 240" = Counter-Strike: Source
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Uninstall_is1" = Uninstall 1.0.0.1
"VentriloMIX" = VentriloMIX
"VLC media player" = VLC media player 0.9.9
"WIB-Wachdienst in der Bundeswehr_is1" = WIB V1.0
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip" = WinZip
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.12.2010 13:33:39 | Computer Name = Jones-Lappy | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SONARPDR.exe, Version 15.0.0.203, Zeitstempel
0x45058338, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005, Zeitstempel
0x49e037dd, Ausnahmecode 0xe06d7363, Fehleroffset 0x0003fbae, Prozess-ID 0xe30, 
Anwendungsstartzeit 01cb99352b3e6f64.
 
Error - 15.12.2010 13:07:57 | Computer Name = Jones-Lappy | Source = RasClient | ID = 20227
Description = 
 
Error - 17.12.2010 17:13:47 | Computer Name = Jones-Lappy | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.12.2010 17:13:47 | Computer Name = Jones-Lappy | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 17.12.2010 17:13:47 | Computer Name = Jones-Lappy | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 17.12.2010 17:15:50 | Computer Name = Jones-Lappy | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 18.12.2010 10:16:34 | Computer Name = Jones-Lappy | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SONARPDR.EXE, Version 15.0.0.203, Zeitstempel
0x45058338, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000374, Fehleroffset 0x000afaf8, Prozess-ID 0x142c, Anwendungsstartzeit
01cb9eacc0316fe0.
 
Error - 20.12.2010 16:38:01 | Computer Name = Jones-Lappy | Source = RasClient | ID = 20227
Description = 
 
Error - 21.12.2010 16:44:06 | Computer Name = Jones-Lappy | Source = VSS | ID = 8194
Description = 
 
Error - 21.12.2010 16:52:55 | Computer Name = Jones-Lappy | Source = VSS | ID = 8194
Description = 
 
[ Media Center Events ]
Error - 12.12.2010 09:00:57 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 34
Description = Ereignisinformationen: Ermittlungsdienst: Unerwarteter Fehler. Der
TV-Programmlistendienst ist zurzeit nicht verfügbar. Wiederholen Sie den Vorgang
später. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 17.12.2010 16:49:21 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
 
 
Error - 23.12.2010 10:44:53 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
 
 
Error - 24.12.2010 11:23:54 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 25.12.2010 06:21:32 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 25.12.2010 06:23:32 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 27.12.2010 05:12:51 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 27.12.2010 14:47:26 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 28.12.2010 19:17:14 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
Error - 29.12.2010 09:21:23 | Computer Name = Jones-Lappy | Source = Media Center Guide | ID = 3
Description = Ereignisinformationen: Fehler beim Starten des Downloadvorgangs für
das TV-Programm. Der intelligente Hintergrundübertragungsdienst (BITS) muss installiert
sein. Weitere Informationen finden Sie im Hilfe- und Supportcenter. Prozess: DefaultDomain
Objektname:
Microsoft.Ehome.Epg.EhepgdatSingleton 
 
[ OSession Events ]
Error - 16.07.2009 01:47:46 | Computer Name = Jones-Lappy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 67104 seconds with 11280 seconds of active time. This session ended with
a crash.
 
[ System Events ]
Error - 24.12.2010 15:12:21 | Computer Name = Jones-Lappy | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 25.12.2010 06:21:32 | Computer Name = Jones-Lappy | Source = DCOM | ID = 10010
Description = 
 
Error - 27.12.2010 05:12:50 | Computer Name = Jones-Lappy | Source = DCOM | ID = 10010
Description = 
 
Error - 27.12.2010 05:24:57 | Computer Name = Jones-Lappy | Source = DCOM | ID = 10005
Description = 
 
Error - 28.12.2010 19:17:14 | Computer Name = Jones-Lappy | Source = DCOM | ID = 10010
Description = 
 
Error - 29.12.2010 09:22:48 | Computer Name = Jones-Lappy | Source = DCOM | ID = 10005
Description = 
 
Error - 29.12.2010 09:46:30 | Computer Name = Jones-Lappy | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 30.12.2010 18:43:59 | Computer Name = Jones-Lappy | Source = Service Control Manager | ID = 7032
Description = 
 
Error - 01.01.2011 21:28:17 | Computer Name = Jones-Lappy | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 02.01.2011 um 02:26:21 unerwartet heruntergefahren.
 
Error - 02.01.2011 06:12:29 | Computer Name = Jones-Lappy | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 02.01.2011 um 11:10:40 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---

03.01.2011, 10:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If there are logs from older Malwarebytes scans, please post all of those as well!

04.01.2011, 20:14   #3
Rockhofener
 
Hello again and thanks for the quick reply.

I followed the instructions and here is the log..... strangely, though, there is nothing in it about this DLL file???

What now?

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5458

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

04.01.2011 20:08:49
mbam-log-2011-01-04 (20-08-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 297073
Laufzeit: 1 Stunde(n), 4 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Gsezozabulamufoy (Trojan.Agent.U) -> Value: Gsezozabulamufoy -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)