RunDLL error while loading, module not found

12.03.2011, 23:02
...new here

Posts: 5
#1 Hello, at every startup I get the error message "Error loading C:\Windows\System32\LogiLDA.dll". While searching for a solution I came across this thread, http://board.protecus.de/t33407.htm, and following the instructions there I have now run the cleaner.
I'll paste my log now and hope someone can help me.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:35, on 12.03.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskhost.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\RtHDVCpl.exe
D:\Program Files\AVG\AVG9\avgtray.exe
D:\Users\PC\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\System32\rundll32.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
D:\Spiele\LogMeIn Hamachi\hamachi-2-ui.exe
D:\Program Files\HP\HP Software Update\hpwuschd2.exe
D:\Program Files\DivX\DivX Update\DivXUpdate.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\Password Safe\pwsafe.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Users\PC\AppData\Local\Temp\Temp1_HiJackThis(2).zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=15003&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.1.25
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - D:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [AVG9_TRAY] D:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LManager] D:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] D:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Spiele\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PLFSetI] D:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [DivXUpdate] "D:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Logitech . Produktregistrierung.lnk = D:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe
O4 - Startup: OpenOffice.org 3.2.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Password Safe.lnk = D:\Program Files\Password Safe\pwsafe.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: @D:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - D:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @D:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @D:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: d:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - D:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - D:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - D:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Spiele\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - D:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - D:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - D:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8692 bytes
12.03.2011, 23:26
Moderator

Posts: 5694
#2 Step 1

Uninstall programs

Because some programs and anti-spyware programs may get in our way during the cleanup (e.g. through permanently running background guards), are unnecessary or harmful, or are simply no longer needed, I ask you to completely uninstall the following programs via Control Panel => Software.

Code

Ask Toolbar
Ask.com
Let me know if a program cannot be uninstalled. Once the cleanup is finished we can look at which of them you can/should reinstall.

Step 2

Cleanup with Malwarebytes' Anti-Malware (full scan)

Download Malwarebytes Anti-Malware (approx. 2 MB) from this download mirror:

Malwarebytes


* Applicable to Windows 2000, XP, Vista and Windows 7.
* Install the program to the default path.
* On Vista, remember to start the program as admin; otherwise start it with a double-click.
* Let it update online (Updates tab) if the program was already on the computer.
* Enable "Perform full scan" ("Komplett Scan durchführen") => Scan.
* Select all available drives and start the scan.
* When the scan has finished, click "Show results" ("Zeige Resultate").
* For detections in C:\System Volume Information, remove the check mark.
Otherwise that system restore point will no longer work.
It might still be needed despite the malware.
* Make sure that all other detections are selected and press "Delete" ("Löschen").
* Post the log file, which opens in Notepad, here in the thread.
* You can find the report later under "Scan reports" ("Scan-Berichte").
* Report how the computer is running now.

Step 3

Custom scan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
• Please start OTL.exe.
Vista and Win7 users: right-click and "Run as administrator"
• Now copy the content into the text box.

Code

netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

• Now please close all programs. (Important)
• Now please click the Quick Scan button.
• Now copy the contents of OTL.txt and Extra.txt here into your thread
16.03.2011, 15:23
...new here

Thread starter

Posts: 5
#3 Hey, thanks, I've done everything up to step 2, but the only thing I got from Malwarebytes is this

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6041

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13.03.2011 14:18:16
mbam-log-2011-03-13 (14-18-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 438226
Laufzeit: 1 Stunde(n), 59 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

I've now run OTL and here is the data

OTL logfile created on: 16.03.2011 17:46:19 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Users\PC\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 225,99 Gb Total Space | 147,91 Gb Free Space | 65,45% Space Free | Partition Type: NTFS
Drive D: | 226,03 Gb Total Space | 147,95 Gb Free Space | 65,46% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011.03.16 17:44:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Users\PC\Downloads\OTL.exe
PRC - [2011.03.15 14:31:11 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgtray.exe
PRC - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- D:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- D:\Programme\DAEMON Tools Lite\DTLite.exe
PRC - [2010.12.08 19:12:50 | 003,501,056 | ---- | M] (SourceForge.net) -- D:\Programme\Password Safe\pwsafe.exe
PRC - [2010.12.06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- D:\Spiele\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) -- D:\Spiele\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.11.25 10:46:30 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgcsrvx.exe
PRC - [2010.10.16 12:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- D:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010.09.27 11:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- D:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.09.23 13:02:46 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgnsx.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- D:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- D:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.09.17 11:26:06 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgchsvx.exe
PRC - [2010.09.17 11:26:06 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgemc.exe
PRC - [2010.09.17 11:26:06 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgrsx.exe
PRC - [2010.09.17 11:26:03 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programme\AVG\AVG9\avgwdsvc.exe
PRC - [2010.09.16 21:04:06 | 001,164,584 | ---- | M] () -- D:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.09.15 14:43:34 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- D:\Users\PC\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010.05.21 00:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- D:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- D:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.05.14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- D:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.11.01 15:40:52 | 001,100,368 | ---- | M] (Dritek System Inc.) -- D:\Programme\Launch Manager\LManager.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2009.09.30 14:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- D:\Programme\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009.09.30 14:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- D:\Programme\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009.09.30 14:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- D:\Programme\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009.07.20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- D:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- D:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
PRC - [2009.07.10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- D:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008.09.18 18:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- D:\Windows\RtHDVCpl.exe
PRC - [2008.08.19 14:27:22 | 000,024,576 | ---- | M] () -- D:\Programme\Acer\Empowering Technology\Service\ETService.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011.03.16 17:44:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Users\PC\Downloads\OTL.exe
MOD - [2010.09.17 11:26:24 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Windows\System32\avgrsstx.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.09.30 14:52:10 | 000,215,584 | ---- | M] (Acer Incorporated) -- D:\Programme\Acer\Acer ePower Management\SysHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011.03.16 15:17:22 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- D:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.12.06 08:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Spiele\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.09.27 11:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.09.17 11:26:06 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.09.17 11:26:03 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.30 14:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- D:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.07.20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- D:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.08.19 14:27:22 | 000,024,576 | ---- | M] () [Auto | Running] -- D:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011.02.18 11:16:21 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.10.16 19:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.09.27 11:56:00 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- D:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010.09.17 11:26:22 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.09.17 11:26:16 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.09.17 11:26:12 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- D:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.09.07 21:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- D:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.09.15 19:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
DRV - [2009.07.21 07:13:24 | 000,005,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\hidshim.sys -- (hidshim)
DRV - [2009.07.21 07:13:22 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.06.17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 17:55:58 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2009.06.17 17:55:50 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.08.19 14:23:00 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- D:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.08.04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- D:\Windows\System32\drivers\XAudio.sys -- (XAudio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.n24.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=15003&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 DD 68 94 43 54 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.1.25

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: D:\Program Files\AVG\AVG9\Firefox [2010.11.25 10:47:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.03.05 10:40:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.03.05 10:40:21 | 000,000,000 | ---D | M]

[2010.09.15 14:15:37 | 000,000,000 | ---D | M] (No name found) -- D:\Users\PC\AppData\Roaming\mozilla\Extensions
[2011.03.15 19:38:35 | 000,000,000 | ---D | M] (No name found) -- D:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\7ms0rq9s.default\extensions
[2010.12.01 10:54:33 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- D:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\7ms0rq9s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.18 11:16:13 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- D:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\7ms0rq9s.default\extensions\DTToolbar@toolbarnet.com
[2011.03.13 12:00:44 | 000,002,396 | ---- | M] () -- D:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7ms0rq9s.default\searchplugins\askcom.xml
[2011.02.18 11:16:05 | 000,002,059 | ---- | M] () -- D:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\7ms0rq9s.default\searchplugins\daemon-search.xml
[2011.02.18 11:17:33 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2010.12.01 10:53:16 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.31 09:25:08 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.25 10:47:24 | 000,000,000 | ---D | M] (AVG Safe Search) -- D:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2010.12.01 10:53:16 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.31 09:25:08 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.17 18:29:45 | 000,001,392 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.17 18:29:45 | 000,002,344 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.17 18:29:45 | 000,006,805 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.17 18:29:45 | 000,001,178 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.17 18:29:45 | 000,001,105 | ---- | M] () -- D:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - D:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePower Management] D:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] D:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] D:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] D:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LManager] D:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Spiele\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PLFSetI] File not found
O4 - HKLM..\Run: [RtHDVCpl] D:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = D:\Programme\Common Files\Logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = D:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk = D:\Programme\Password Safe\pwsafe.exe (SourceForge.net)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\PC\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: @D:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - D:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @D:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @D:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - D:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - D:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - d:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: aux - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - D:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - D:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - D:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - D:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - D:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - D:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - D:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - D:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - D:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - D:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - D:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - D:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - D:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - D:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - D:\Windows\System32\msacm32.drv (Microsoft Corporation)


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011.03.15 14:31:48 | 000,000,000 | -H-D | C] -- D:\ProgramData\Common Files
[2011.03.14 18:36:40 | 000,000,000 | ---D | C] -- D:\Users\PC\Desktop\Neuer Ordner
[2011.03.13 12:12:06 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Roaming\Malwarebytes
[2011.03.13 12:08:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.13 12:08:32 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.13 12:08:31 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2011.03.13 12:08:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2011.03.13 12:08:28 | 000,000,000 | ---D | C] -- D:\Programme\Malwarebytes' Anti-Malware
[2011.03.12 22:49:07 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.03.12 22:49:03 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.03.12 22:49:02 | 000,000,000 | ---D | C] -- D:\Programme\CCleaner
[2011.03.12 22:31:05 | 000,000,000 | ---D | C] -- D:\Windows\System32\EventProviders
[2011.03.12 22:29:56 | 000,000,000 | ---D | C] -- D:\Programme\CONEXANT
[2011.03.12 20:50:39 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Local\{345E24A0-E7D2-4943-B9A9-1376CC6140AB}
[2011.03.12 13:18:25 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Roaming\DivX
[2011.03.12 13:18:09 | 000,000,000 | ---D | C] -- D:\Programme\Common Files\PX Storage Engine
[2011.03.12 13:17:56 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.03.12 13:17:48 | 000,000,000 | ---D | C] -- D:\Programme\Common Files\DivX Shared
[2011.03.12 13:17:19 | 000,000,000 | ---D | C] -- D:\Programme\DivX
[2011.03.12 13:15:29 | 000,000,000 | ---D | C] -- D:\ProgramData\DivX
[2011.03.11 15:53:09 | 000,000,000 | ---D | C] -- D:\Users\PC\Documents\Studium
[2011.03.09 19:35:33 | 000,000,000 | ---D | C] -- D:\Programme\Common Files\Skype
[2011.03.09 19:35:33 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.03.07 18:58:08 | 000,000,000 | -H-D | C] -- D:\$AVG
[2011.03.07 14:44:12 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Local\{2D99637C-5343-43F3-9A41-AE0EBA53CA4B}
[2011.03.01 17:04:46 | 000,000,000 | ---D | C] -- D:\Users\PC\Documents\My Safes
[2011.03.01 17:04:39 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Local\PasswordSafe
[2011.03.01 17:04:28 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Password Safe
[2011.03.01 17:04:27 | 000,000,000 | ---D | C] -- D:\Programme\Password Safe
[2011.02.28 15:19:48 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Local\{13EB83A1-694E-47F8-A7C8-473CF09F5ECB}
[2011.02.21 19:04:04 | 000,000,000 | ---D | C] -- D:\Programme\TeamViewer
[2011.02.18 11:16:21 | 000,218,688 | ---- | C] (DT Soft Ltd) -- D:\Windows\System32\drivers\dtsoftbus01.sys
[2011.02.18 11:16:07 | 000,000,000 | ---D | C] -- D:\Programme\DAEMON Tools Toolbar
[2011.02.18 11:16:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.02.18 11:15:59 | 000,000,000 | ---D | C] -- D:\Programme\DAEMON Tools Lite
[2011.02.18 11:10:43 | 000,000,000 | ---D | C] -- D:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2011.02.18 11:10:43 | 000,000,000 | ---D | C] -- D:\ProgramData\DAEMON Tools Lite

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.03.16 17:31:24 | 000,000,000 | ---- | M] () -- D:\Users\PC\AppData\Local\prvlcl.dat
[2011.03.16 16:52:28 | 000,001,088 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.16 15:23:30 | 000,013,248 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.16 15:23:30 | 000,013,248 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.16 15:16:14 | 000,001,084 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.16 15:15:49 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011.03.16 15:15:44 | 2411,888,640 | -HS- | M] () -- D:\hiberfil.sys
[2011.03.16 11:56:40 | 072,685,715 | ---- | M] () -- D:\Windows\System32\drivers\Avg\incavi.avm
[2011.03.15 20:00:01 | 000,009,544 | ---- | M] () -- D:\Users\PC\Desktop\arbeitszeit.ods
[2011.03.15 16:08:48 | 000,003,355 | ---- | M] () -- D:\Users\PC\Desktop\RapidSolution.rtf
[2011.03.15 16:04:26 | 000,006,475 | ---- | M] () -- D:\Users\PC\Desktop\billing_370248975_4d7f7fd06184d.pdf
[2011.03.15 14:28:14 | 000,654,166 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2011.03.15 14:28:14 | 000,616,008 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011.03.15 14:28:14 | 000,130,006 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2011.03.15 14:28:14 | 000,106,388 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011.03.13 12:08:32 | 000,001,071 | ---- | M] () -- D:\Users\PC\Malwarebytes' Anti-Malware.lnk
[2011.03.12 22:49:08 | 000,002,205 | ---- | M] () -- D:\Users\PC\Google Chrome.lnk
[2011.03.12 22:49:03 | 000,000,969 | ---- | M] () -- D:\Users\PC\CCleaner.lnk
[2011.03.12 13:18:39 | 000,001,583 | ---- | M] () -- D:\Users\PC\DivX Movies.lnk
[2011.03.12 13:18:21 | 000,001,086 | ---- | M] () -- D:\Users\Public\Desktop\DivX Plus Player.lnk
[2011.03.12 13:18:00 | 000,001,126 | ---- | M] () -- D:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011.03.10 17:20:15 | 000,002,552 | ---- | M] () -- D:\Windows\tasks\hpwebreg_CN09N2D1SF05HX.job
[2011.03.09 15:06:13 | 000,000,218 | ---- | M] () -- D:\Users\PC\Desktop\Dokument.rtf
[2011.03.08 18:37:10 | 000,010,232 | ---- | M] () -- D:\Users\PC\Desktop\Trainingserfolg.odt
[2011.03.07 14:42:12 | 000,015,272 | ---- | M] () -- D:\Users\PC\Desktop\Training.odt
[2011.03.05 14:15:27 | 000,001,328 | ---- | M] () -- D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.01 17:04:28 | 000,001,034 | ---- | M] () -- D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk
[2011.03.01 17:04:28 | 000,000,992 | ---- | M] () -- D:\Users\PC\Desktop\Password Safe.lnk
[2011.02.21 19:04:11 | 000,001,124 | ---- | M] () -- D:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.18 11:16:21 | 000,218,688 | ---- | M] (DT Soft Ltd) -- D:\Windows\System32\drivers\dtsoftbus01.sys
[2011.02.18 11:16:01 | 000,001,900 | ---- | M] () -- D:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.02.16 15:57:25 | 000,000,308 | ---- | M] () -- D:\Users\PC\Desktop\wlan.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.03.15 16:08:47 | 000,003,355 | ---- | C] () -- D:\Users\PC\Desktop\RapidSolution.rtf
[2011.03.15 16:04:25 | 000,006,475 | ---- | C] () -- D:\Users\PC\Desktop\billing_370248975_4d7f7fd06184d.pdf
[2011.03.13 12:08:32 | 000,001,071 | ---- | C] () -- D:\Users\PC\Malwarebytes' Anti-Malware.lnk
[2011.03.12 22:49:08 | 000,002,205 | ---- | C] () -- D:\Users\PC\Google Chrome.lnk
[2011.03.12 22:49:03 | 000,000,969 | ---- | C] () -- D:\Users\PC\CCleaner.lnk
[2011.03.12 22:47:09 | 000,001,088 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.12 22:47:08 | 000,001,084 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.12 13:18:39 | 000,001,583 | ---- | C] () -- D:\Users\PC\DivX Movies.lnk
[2011.03.12 13:18:21 | 000,001,086 | ---- | C] () -- D:\Users\Public\Desktop\DivX Plus Player.lnk
[2011.03.12 13:18:00 | 000,001,126 | ---- | C] () -- D:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011.03.09 15:06:12 | 000,000,218 | ---- | C] () -- D:\Users\PC\Desktop\Dokument.rtf
[2011.03.08 18:37:08 | 000,010,232 | ---- | C] () -- D:\Users\PC\Desktop\Trainingserfolg.odt
[2011.03.07 16:40:53 | 000,009,544 | ---- | C] () -- D:\Users\PC\Desktop\arbeitszeit.ods
[2011.03.05 14:15:27 | 000,001,328 | ---- | C] () -- D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2011.03.01 17:04:28 | 000,000,992 | ---- | C] () -- D:\Users\PC\Desktop\Password Safe.lnk
[2011.03.01 17:04:27 | 000,001,034 | ---- | C] () -- D:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk
[2011.02.21 19:04:11 | 000,001,136 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.02.21 19:04:11 | 000,001,124 | ---- | C] () -- D:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.18 11:16:01 | 000,001,900 | ---- | C] () -- D:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.02.16 15:57:25 | 000,000,308 | ---- | C] () -- D:\Users\PC\Desktop\wlan.rtf
[2011.02.07 17:10:03 | 000,139,128 | ---- | C] () -- D:\Windows\System32\drivers\PnkBstrK.sys
[2011.02.07 17:09:57 | 000,138,056 | ---- | C] () -- D:\Users\PC\AppData\Roaming\PnkBstrK.sys
[2011.02.07 17:09:25 | 000,215,128 | ---- | C] () -- D:\Windows\System32\PnkBstrB.exe
[2011.02.07 17:09:24 | 002,434,856 | ---- | C] () -- D:\Windows\System32\pbsvc_bc2.exe
[2011.02.07 17:09:24 | 000,075,064 | ---- | C] () -- D:\Windows\System32\PnkBstrA.exe
[2011.02.06 14:59:17 | 000,106,496 | ---- | C] () -- D:\Windows\FixUVC.exe
[2011.02.06 14:59:17 | 000,000,074 | ---- | C] () -- D:\Windows\PidList.ini
[2011.01.16 12:09:42 | 000,245,194 | ---- | C] () -- D:\Windows\hpoins19.dat
[2011.01.16 12:09:42 | 000,013,898 | ---- | C] () -- D:\Windows\hpomdl19.dat
[2010.12.31 12:32:46 | 000,487,424 | ---- | C] () -- D:\Windows\System32\INT15.dll
[2010.11.20 10:56:18 | 000,001,222 | ---- | C] () -- D:\Users\PC\AppData\Roaming\wklnhst.dat
[2010.11.20 10:44:54 | 000,000,400 | ---- | C] () -- D:\Windows\ODBC.INI
[2010.11.08 20:13:51 | 000,000,032 | ---- | C] () -- D:\Windows\Menu.INI
[2010.09.27 12:03:08 | 000,201,512 | ---- | C] () -- D:\Windows\System32\vpnapi.dll
[2010.09.24 07:04:37 | 000,000,101 | ---- | C] () -- D:\Windows\Lexstat.ini
[2010.09.21 13:30:09 | 000,000,000 | ---- | C] () -- D:\Users\PC\AppData\Local\prvlcl.dat
[2010.09.18 11:33:32 | 000,007,168 | ---- | C] () -- D:\Windows\System32\drivers\StarOpen.sys
[2010.09.15 14:41:40 | 000,001,694 | ---- | C] () -- D:\Windows\RtDefLvl.ini
[2010.09.15 14:41:40 | 000,000,520 | ---- | C] () -- D:\Windows\System32\drivers\RTEQEX2.dat
[2010.09.15 14:41:40 | 000,000,520 | ---- | C] () -- D:\Windows\System32\drivers\RTEQEX1.dat
[2010.09.15 14:41:40 | 000,000,520 | ---- | C] () -- D:\Windows\System32\drivers\RTEQEX0.dat
[2010.09.15 14:41:40 | 000,000,008 | ---- | C] () -- D:\Windows\System32\drivers\rtkhdaud.dat
[2010.09.15 14:21:55 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll
[2009.07.14 09:47:43 | 000,654,166 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,130,006 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,402,504 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2007.02.07 16:57:50 | 000,039,899 | ---- | C] () -- D:\Windows\System32\rtsicis.ini
[2005.09.13 15:27:10 | 000,061,440 | ---- | C] () -- D:\Windows\System32\lxbkcnv5.dll

[color=#E56717]========== LOP Check ==========[/color]

[2011.01.30 11:05:37 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\Ahnenblatt
[2010.09.18 11:33:45 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\Canneverbe Limited
[2011.02.18 11:20:12 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\DAEMON Tools Lite
[2010.12.01 10:54:32 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.28 10:50:23 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\InterTrust
[2010.12.09 16:15:38 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\Leadertech
[2010.12.01 10:58:08 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\OpenOffice.org
[2011.02.06 14:47:10 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\Visan
[2011.01.23 17:33:13 | 000,000,000 | ---D | M] -- D:\Users\PC\AppData\Roaming\Windows Live Writer
[2011.03.09 18:13:26 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009.06.10 22:42:20 | 000,000,024 | ---- | M] () -- D:\autoexec.bat
[2009.06.10 22:42:20 | 000,000,010 | ---- | M] () -- D:\config.sys
[2011.03.16 15:15:44 | 2411,888,640 | -HS- | M] () -- D:\hiberfil.sys
[2011.02.04 20:49:38 | 000,000,078 | ---- | M] () -- D:\lxbk.log
[2011.03.16 15:15:46 | 3215,851,520 | -HS- | M] () -- D:\pagefile.sys

[color=#A23BEC]< %systemroot%\system32\*.wt >[/color]

[color=#A23BEC]< %systemroot%\system32\*.ruy >[/color]

[color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
[2009.07.14 05:52:25 | 000,026,040 | ---- | M] () -- D:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 05:52:25 | 000,026,489 | ---- | M] () -- D:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 05:52:25 | 000,029,779 | ---- | M] () -- D:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 05:52:25 | 000,043,318 | ---- | M] () -- D:\Windows\Fonts\GlobalUserInterface.CompositeFont

[color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]

[color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
[2009.06.10 22:31:19 | 000,000,065 | ---- | M] () -- D:\Windows\Fonts\desktop.ini

[color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]

[color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
[2007.05.23 21:22:28 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- D:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009.07.14 02:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

[color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]

[color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]

[color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]

[color=#A23BEC]< %systemroot%\*.scr >[/color]
[2010.11.10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\WLXPGSS.SCR

[color=#A23BEC]< %systemroot%\*._sy >[/color]

[color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]

[color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009.07.14 05:41:57 | 000,000,174 | -HS- | M] () -- D:\Programme\desktop.ini

[color=#A23BEC]< %APPDATA%\Update\*.* >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- D:\Windows\System32\user32.dll

[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- D:\Windows\System32\ws2_32.dll

[color=#A23BEC]< %systemroot%\system32\ws2help.dll /md5 >[/color]
[2009.07.14 02:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- D:\Windows\System32\ws2help.dll


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- D:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\System32\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- D:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- D:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-12 21:33:39

< End of report >
This post was edited by Nigo on 16.03.2011 at 17:58.
16.03.2011, 18:01
...new here

Thread starter

Posts: 5
#4 And here is the extras.txt

I hope you can help me

OTL Extras logfile created on: 16.03.2011 17:46:19 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = D:\Users\PC\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 225,99 Gb Total Space | 147,91 Gb Free Space | 65,45% Space Free | Partition Type: NTFS
Drive D: | 226,03 Gb Total Space | 147,95 Gb Free Space | 65,46% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80D847BF-3610-4BE4-9F05-970BADEADB9A}" = Studie zur Verbesserung von HP Deskjet 3050 J610 series Produkten
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CA7DA5E-B8BD-4E9F-A6F2-BAF53D503498}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92975DF9-EA36-4F36-A9AC-D412BC1D709E}" = Nuvoton EC Generic HID Driver
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A89EDEFA-785E-4A7D-B9C8-87FFE175D005}" = TT1260 Driver
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D4102ABC-63C7-442B-8E3C-8C1E68957F79}" = Radiotracker
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ahnenblatt_is1" = Ahnenblatt 2.62
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Password Safe" = Password Safe
"PunkBusterSvc" = PunkBuster Services
"Shockwave" = Shockwave
"Shop for HP Supplies" = Shop for HP Supplies
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"TeamViewer 6" = TeamViewer 6
"TIPP10_is1" = TIPP10 Version 2.0.1
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.6
"WinLiveSuite" = Windows Live Essentials
"Works2004Setup" = Setup-Start von Microsoft Works 2004

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 13.03.2011 10:19:14 | Computer Name = PC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.

Error - 13.03.2011 13:52:36 | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 13.03.2011 14:00:00 | Computer Name = PC-PC | Source = Windows Backup | ID = 4103
Description =

Error - 14.03.2011 09:52:24 | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 14.03.2011 10:52:24 | Computer Name = PC-PC | Source = Google Update | ID = 20
Description =

Error - 14.03.2011 12:42:35 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.4079 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17f0 Startzeit:
01cbe24c1b68ce8f Endzeit: 24 Anwendungspfad: D:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
0adb12ca-4e5a-11e0-881c-001d72ee9d46

Error - 15.03.2011 02:33:12 | Computer Name = PC-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 15.03.2011 09:29:35 | Computer Name = PC-PC | Source = VSS | ID = 8194
Description =

Error - 15.03.2011 11:13:00 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivXSetup.exe, Version: 2.1.2.2,
Zeitstempel: 0x4caf70ea Name des fehlerhaften Moduls: COMCTL32.dll, Version: 6.10.7600.16661,
Zeitstempel: 0x4c6f625b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00047bfe ID des fehlerhaften
Prozesses: 0x1500 Startzeit der fehlerhaften Anwendung: 0x01cbe31a0dc8b529 Pfad der
fehlerhaften Anwendung: D:\Users\PC\AppData\Local\Temp\DivXSetup.exe Pfad des fehlerhaften
Moduls: D:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\COMCTL32.dll
Berichtskennung:
b6aec6ca-4f16-11e0-883e-001d72ee9d46

Error - 15.03.2011 11:13:04 | Computer Name = PC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DivXSetup.exe, Version: 2.1.2.2,
Zeitstempel: 0x4caf70ea Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
Zeitstempel: 0x4cc7ab44 Ausnahmecode: 0xc0150010 Fehleroffset: 0x000817ff ID des fehlerhaften
Prozesses: 0x1500 Startzeit der fehlerhaften Anwendung: 0x01cbe31a0dc8b529 Pfad der
fehlerhaften Anwendung: D:\Users\PC\AppData\Local\Temp\DivXSetup.exe Pfad des fehlerhaften
Moduls: D:\Windows\SYSTEM32\ntdll.dll Berichtskennung: b8dcf996-4f16-11e0-883e-001d72ee9d46

[ Media Center Events ]
Error - 26.02.2011 15:56:07 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 20:56:06 - Fehler beim Herstellen der Internetverbindung. 20:56:06
- Serververbindung konnte nicht hergestellt werden..

Error - 26.02.2011 15:56:19 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 20:56:12 - Fehler beim Herstellen der Internetverbindung. 20:56:12
- Serververbindung konnte nicht hergestellt werden..

Error - 28.02.2011 14:49:22 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 19:49:22 - Directory konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)

Error - 12.03.2011 09:48:51 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 14:48:51 - Fehler beim Herstellen der Internetverbindung. 14:48:51
- Serververbindung konnte nicht hergestellt werden..

Error - 12.03.2011 09:49:01 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 14:48:56 - Fehler beim Herstellen der Internetverbindung. 14:48:56
- Serververbindung konnte nicht hergestellt werden..

[ System Events ]
Error - 12.03.2011 16:22:04 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.

Error - 12.03.2011 16:22:10 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.

Error - 12.03.2011 16:22:17 | Computer Name = PC-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.

Error - 12.03.2011 17:31:26 | Computer Name = PC-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 6
Description = Das Service Pack kann nicht installiert werden, wenn der Computer
im Akkubetrieb ausgeführt wird.

Error - 12.03.2011 17:32:33 | Computer Name = PC-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 8
Description = Fehler bei der Service Pack-Installation. Fehlercode: 0x800f0829.

Error - 12.03.2011 17:32:36 | Computer Name = PC-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)

Error - 14.03.2011 13:41:10 | Computer Name = PC-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 14.03.2011 um 18:38:50 unerwartet heruntergefahren.

Error - 15.03.2011 02:31:44 | Computer Name = PC-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 16.03.2011 10:18:06 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.

Error - 16.03.2011 10:18:06 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053


< End of report >
16.03.2011, 18:34
Moderator

Posts: 5694
#5 Step 1

Fixing with OTL

• Please start OTL.exe.
Vista and Win7 users: right-click and choose "Run as administrator".
• Now copy the content into the text box.

Code

:OTL
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Logitech Download Assistant] File not found
O4 - HKLM..\Run: [PLFSetI] File not found
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
:Commands
[purity]
[emptytemp]
• Now please close all programs.
• Now please click the Fix button.
OTL may ask for a restart. Please allow it.
• After the restart you will find a text document on your desktop.
(It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
Now copy its content here into your thread.

Step 2

ESET Online Scanner

Please switch on any external hard drives during the online scans! Please turn off all
background guards (anti-virus program, firewall, script blocking and the like) during the scans,
and do not forget to turn everything back on afterwards.


Note for Vista and Win7 users: Be sure to start the browser as administrator.
• Disable your anti-virus program during the scan.
• Press the button. Firefox users: please download esetsmartinstaller_enu.exe. Save the Firefox add-on to the desktop and then install it.
IE users: must allow the installation of an ActiveX element.
• Tick the box at Yes, I accept the Terms of Use.
• Press the button.
• Wait until the components have been downloaded.
• Tick "Remove found threats" and "Scan archives".
• Press.
• The signatures are downloaded. The scan starts automatically.
When the scan has finished

• Click Finish.
• Close the browser.
• Open Explorer.
• Find C:\Programme\Eset\EsetOnlineScanner\log.txt and open it with your editor.
• Post the logfile here.

Step 3

Still problems?
17.03.2011, 16:36
...new here

Thread starter

Posts: 5
#6 All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PLFSetI deleted successfully.
D:\autoexec.bat moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gast
->Temp folder emptied: 1669122 bytes
->Temporary Internet Files folder emptied: 22018530 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77946382 bytes
->Flash cache emptied: 3394 bytes

User: PC
->Temp folder emptied: 483620210 bytes
->Temporary Internet Files folder emptied: 8990310 bytes
->Java cache emptied: 1364730 bytes
->FireFox cache emptied: 114877461 bytes
->Google Chrome cache emptied: 13696888 bytes
->Flash cache emptied: 5873 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1235054 bytes
RecycleBin emptied: 452401195 bytes

Total Files Cleaned = 1.123,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03172011_132724

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Eset log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=04a9b2d68002f342b7352817d7ef0024
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-03-17 03:34:07
# local_time=2011-03-17 04:34:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1024 16777215 100 0 15646494 15646494 0 0
# compatibility_mode=5893 16776574 100 94 15648234 52804399 0 0
# compatibility_mode=8192 67108863 100 0 3892 3892 0 0
# scanned=285302
# found=1
# cleaned=1
# scan_time=10391
D:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\7ms0rq9s.default\Cache\CD7464DAd01 a variant of Win32/Adware.HotBar.H application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
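
The fix script from post #5 and the result log from post #6 can be cross-checked mechanically, so that no requested removal goes unconfirmed. The following is an added example, not part of the original posts and not OTL's own code; the function names are hypothetical, and it handles only the line formats that appear in this thread (O4 `HKLM..\Run` entries, O32 AutoRun files, and the "deleted/moved successfully" result lines).

```python
import re

# "HKLM..\Run" is the short form used in the fix script; the result log in
# post #6 spells the same key out in full, which is the mapping assumed here.
RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"

O4_RE = re.compile(r"^O4 - HKLM\.\.\\Run: \[(.*?)\] ")
O32_RE = re.compile(r"^O32 - AutoRun File - \[.*?\] \(.*?\) - (.+?) -- \[")
DELETED_RE = re.compile(r"^Registry value (.+?)\\\\(.*) deleted successfully\.$")
MOVED_RE = re.compile(r"^(.+) moved successfully\.$")

# Copied from post #5 of this thread.
FIX_SCRIPT = r"""
:OTL
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Logitech Download Assistant] File not found
O4 - HKLM..\Run: [PLFSetI] File not found
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
:Commands
[purity]
[emptytemp]
"""

# Copied from post #6 of this thread (first lines of the result log).
FIX_LOG = r"""
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PLFSetI deleted successfully.
D:\autoexec.bat moved successfully.
========== COMMANDS ==========
"""


def requested(script):
    """Items the :OTL section asks to remove, as (kind, key_or_path, value_name)."""
    items, in_otl = set(), False
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            # Section header; only the :OTL section lists items to remove.
            in_otl = line.upper() == ":OTL"
            continue
        if not in_otl:
            continue
        if m := O4_RE.match(line):
            # Registry names are case-insensitive, so compare in lower case.
            items.add(("regvalue", RUN_KEY.lower(), m.group(1).lower()))
        elif m := O32_RE.match(line):
            items.add(("file", m.group(1).lower(), ""))
    return items


def confirmed(log):
    """Items the result log reports as deleted or moved, in the same tuple form."""
    done = set()
    for line in map(str.strip, log.splitlines()):
        if m := DELETED_RE.match(line):
            done.add(("regvalue", m.group(1).lower(), m.group(2).lower()))
        elif m := MOVED_RE.match(line):
            done.add(("file", m.group(1).lower(), ""))
    return done


def verify(script, log):
    """Compare what was requested with what the log confirms."""
    want, got = requested(script), confirmed(log)
    return {
        "confirmed": sorted(want & got),
        "unconfirmed": sorted(want - got),   # requested, but no success line
        "unrequested": sorted(got - want),   # removed, but never requested
    }


if __name__ == "__main__":
    for status, items in verify(FIX_SCRIPT, FIX_LOG).items():
        print(status, len(items))
        for item in items:
            print("   ", item)
```

An entry under "unconfirmed" means the autostart value or file may still be present and the startup error can return.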
17.03.2011, 16:41
...new here

Thread starter

Posts: 5
#7 Thank you very much for your help; thanks to it I got rid of the annoying problem.
17.03.2011, 16:41
Moderator

Posts: 5694
#8 And does the message still appear?
18.04.2011, 13:27
...new here

Posts: 4
#9 Hello dear all...
while searching for a solution to my problem I happened upon this forum, and as you can perhaps see, I am still a fairly "fresh" member, so a huge SORRY if I am posting in the wrong thread.

Now to my problem: Two weeks ago I was browsing the Internet when suddenly a computer message appeared asking me whether I wanted to open an unknown program. I clicked "Cancel" because that already seemed odd to me, but apparently it was opened anyway, and a little later I got a message from NORTON that I had a trojan. I immediately ran a virus scan, and again something was found. The scans on the following days also kept showing something. I then also got another program, but that one found nothing more, and neither did NORTON. So I thought the problem was solved.

But unfortunately the message that the module "akasixax.dll" could not be found still appears. Could you please help me get rid of this annoying message and get my computer "clean" (should it still be infected)? I really am still an absolute computer layperson... ;)

Many thanks in advance,
Ceechen
18.04.2011, 19:46
Moderator

Posts: 5694
#10 Hello Ceechen

Open a new thread here and work through this.