Computer running Windows XP has become very slow

#0
28.08.2010, 22:43
...new here

Posts: 5
#1 Hello!

My good old computer keeps getting slower. Today it at least got a bit more RAM and a new graphics card to replace the onboard one, but despite the slightly higher speed I miss the speed of the old days. I suspect I have picked up quite a few things. Can someone help me with this, or should I install a new Windows? Many programs only work under XP, though... unfortunately!
28.08.2010, 23:13
Member

Posts: 420
#2 Hi,

you could also just reinstall XP. Especially if the PC really is infested, that would be the best solution.
But we can also take a look first:

1. Malwarebytes
http://www.malwarebytes.org/affiliates/g2g/mbam-setup.exe
Please install Malwarebytes, update it, run a Quick Scan, have any findings removed, and post the log.

2. OTL
http://oldtimer.geekstogo.com/OTL.exe
Start the program, tick Scan All Users, Loop Check and Purity Check, and click Run Scan. Two logs are created, OTL.txt and Extras.txt; please post both.
29.08.2010, 00:29
...new here

Thread starter

Posts: 5
#3 Hello!

I am sitting here with Agnes right now. The computer actually belongs to her. She would like to keep XP because there are many things of hers on it that she wants to keep. She very much hopes that it can be made fast again and that there are no viruses on it.

The first program installed itself in a different language.
There is a "lop check", not a loop check.

inga = none
illasinnade = dangerous-looking
hittades = was found

mappar = folders
filer = files
snabbskanning = quick scan
förfluten = elapsed
antal = number



Quote

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databasversion: 4495

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-08-29 00:16:27
mbam-log-2010-08-29 (00-16-27).txt

Skanningstyp: Snabbskanning
Antal skannade objekt: 137944
Förfluten tid: 8 minut(er), 39 sekund(er)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervärden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
(Inga illasinnade poster hittades)

Quote

OTL logfile created on: 2010-08-29 00:23:40 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Admin\Mina dokument\Hämtade filer
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 216,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 74,55 Gb Total Space | 23,14 Gb Free Space | 31,04% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 149,05 Gb Total Space | 132,72 Gb Free Space | 89,04% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEMMA
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010-08-29 00:06:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mina dokument\Hämtade filer\OTL.exe
PRC - [2010-02-18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jucheck.exe
PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Delade filer\Java\Java Update\jusched.exe
PRC - [2010-01-21 17:13:38 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program\Mozilla Firefox\firefox.exe
PRC - [2009-07-21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\avguard.exe
PRC - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-05-13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\sched.exe
PRC - [2009-03-27 10:56:28 | 000,939,536 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2009-03-02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-08-06 01:07:30 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\Program\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2004-07-01 18:23:32 | 000,067,584 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010-08-29 00:06:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Mina dokument\Hämtade filer\OTL.exe
MOD - [2008-04-14 18:03:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009-08-05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009-07-21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009-05-19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009-05-13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\Drivers\SSPORT.sys -- (SSPORT)
DRV - [2010-01-10 00:38:56 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-08-05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009-05-11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-03-30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009-02-13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2005-08-04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-08-11 15:39:38 | 000,041,984 | R--- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2004-07-01 14:49:00 | 000,626,977 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-02-24 11:08:52 | 000,400,384 | R--- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2001-08-17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001-08-17 22:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001-07-30 12:34:28 | 000,585,840 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2001-07-16 13:17:30 | 000,076,610 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
DRV - [2001-07-16 13:16:58 | 000,539,917 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
DRV - [2001-07-15 20:05:54 | 000,067,222 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)
DRV - [2001-07-03 19:42:30 | 000,017,776 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cnxtdiag.sys -- (Cnxtdiag)
DRV - [2001-06-24 19:16:36 | 000,427,215 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
DRV - [2001-06-24 19:16:08 | 000,124,189 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
DRV - [2001-06-24 19:15:20 | 000,215,195 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
DRV - [2001-06-24 19:14:18 | 000,059,375 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
DRV - [2001-06-24 19:13:56 | 000,308,403 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-436374069-1532298954-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-436374069-1532298954-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKU\S-1-5-21-436374069-1532298954-839522115-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 6E 47 3F D7 46 CB 01 [binary data]
IE - HKU\S-1-5-21-436374069-1532298954-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program\Mozilla Firefox\components [2010-08-28 21:59:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2010-08-28 20:39:40 | 000,000,000 | ---D | M]

[2010-08-28 21:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2010-08-28 22:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\nttzicog.default\extensions
[2010-08-28 22:42:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\nttzicog.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-05-16 09:28:58 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions
[2010-05-16 09:28:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program\Mozilla Firefox\plugins\npdeployJava1.dll
[2009-12-02 10:27:48 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml
[2009-12-02 10:27:48 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml
[2009-12-02 10:27:48 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml
[2009-12-02 10:27:48 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml
[2009-12-02 10:27:48 | 000,000,647 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml

O1 HOSTS File: ([2002-09-11 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-436374069-1532298954-839522115-1006\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program\Delade filer\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Personal.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Systemfältet för ATI CATALYST.lnk = C:\Program\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-1532298954-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233496779312 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} http://edu2.bollnas.se/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-12-20 00:01:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010-04-22 10:03:50 | 000,000,090 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-08-29 00:07:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Malwarebytes
[2010-08-29 00:06:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-08-29 00:06:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-08-29 00:06:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-08-29 00:06:51 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware
[2010-08-29 00:06:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Mina dokument\Hämtade filer
[2010-08-28 21:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\Mozilla
[2010-08-28 21:59:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Mozilla
[2010-08-28 20:32:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2010-08-28 19:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Macromedia
[2010-08-28 19:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Adobe
[2010-08-28 19:34:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\PrivacIE
[2010-08-28 19:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\Google
[2010-08-28 19:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\ATI
[2010-08-28 19:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\ATI
[2010-08-28 19:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\ApplicationHistory
[2010-08-28 19:23:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010-08-28 19:21:17 | 000,000,000 | ---D | C] -- C:\Program\ATI Technologies
[2010-08-28 19:14:33 | 000,307,200 | R--- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2010-08-28 18:45:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Sun
[2010-08-28 18:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Personal
[2010-08-28 18:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\Identities
[2010-08-28 18:39:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Mina dokument\Min musik
[2010-08-28 18:39:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Mina dokument\Mina bilder
[2010-08-28 18:39:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\IETldCache
[2010-08-28 18:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\Microsoft
[2010-08-28 18:39:02 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Admin\Application Data\Microsoft
[2010-08-28 18:39:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\SendTo
[2010-08-28 18:39:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Application Data
[2010-08-28 18:39:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Start-meny
[2010-08-28 18:39:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Mina dokument
[2010-08-28 18:39:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Admin\Favoriter
[2010-08-28 18:39:02 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\Cookies
[2010-08-28 18:39:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Admin\Skrivare
[2010-08-28 18:39:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Admin\Nätverket
[2010-08-28 18:39:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Admin\Mallar
[2010-08-28 18:39:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Admin\Lokala inställningar
[2010-08-28 18:39:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Skrivbord
[2009-04-01 17:04:43 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2009-03-27 10:55:29 | 000,925,416 | ---- | C] (Microsoft Corporation) -- C:\Program\PersonalSetup4100.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-08-29 00:06:58 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2010-08-28 22:15:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-08-28 22:15:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-08-28 22:05:01 | 044,089,904 | ---- | M] () -- C:\Documents and Settings\All Users\Dokument\avira_antivir_personal_en.exe
[2010-08-28 22:00:16 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2010-08-28 22:00:16 | 000,000,192 | -HS- | M] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010-08-28 21:59:55 | 004,826,632 | -H-- | M] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\IconCache.db
[2010-08-28 20:49:31 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-28 20:39:45 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\Adobe Reader 9.lnk
[2010-08-28 20:33:55 | 000,047,902 | ---- | M] () -- C:\Documents and Settings\Admin\Mina dokument\cc_20100828_203349.reg
[2010-08-28 19:30:13 | 000,000,134 | ---- | M] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\fusioncache.dat
[2010-08-28 19:27:58 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\ATI Catalyst Control Center.lnk
[2010-08-28 19:27:58 | 000,001,807 | ---- | M] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Systemfältet för ATI CATALYST.lnk
[2010-08-28 19:23:45 | 000,442,952 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2010-08-28 19:23:45 | 000,440,998 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-08-28 19:23:45 | 000,083,296 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2010-08-28 19:23:45 | 000,071,316 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-08-28 19:23:44 | 001,029,414 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-08-28 18:56:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2010-08-28 18:39:57 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2010-08-28 18:39:55 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf
[2010-08-28 18:39:31 | 000,022,392 | ---- | M] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
[2010-08-28 18:01:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-08-19 06:33:02 | 000,141,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-08-29 00:06:58 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\Malwarebytes' Anti-Malware.lnk
[2010-08-28 22:04:00 | 044,089,904 | ---- | C] () -- C:\Documents and Settings\All Users\Dokument\avira_antivir_personal_en.exe
[2010-08-28 20:49:31 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-28 20:33:52 | 000,047,902 | ---- | C] () -- C:\Documents and Settings\Admin\Mina dokument\cc_20100828_203349.reg
[2010-08-28 19:30:13 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Admin\Lokala inställningar\Application Data\fusioncache.dat
[2010-08-28 19:27:58 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\ATI Catalyst Control Center.lnk
[2010-08-28 19:27:58 | 000,001,807 | ---- | C] () -- C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Systemfältet för ATI CATALYST.lnk
[2010-08-28 19:21:47 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010-08-28 19:14:27 | 000,005,496 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010-08-28 19:14:25 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010-08-28 19:14:20 | 000,524,850 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2010-08-28 19:14:20 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2010-08-28 19:14:19 | 000,058,560 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2010-08-28 19:14:19 | 000,021,712 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2010-08-28 18:56:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2010-08-28 18:39:57 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2010-08-28 18:39:55 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf
[2010-08-28 18:39:04 | 000,000,192 | -HS- | C] () -- C:\Documents and Settings\Admin\ntuser.ini
[2010-08-28 18:39:02 | 000,020,480 | -H-- | C] () -- C:\Documents and Settings\Admin\NTUSER.DAT.LOG
[2010-08-28 18:39:01 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Admin\NTUSER.DAT
[2009-03-15 17:14:05 | 000,012,288 | R--- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2009-03-03 00:13:24 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-02-01 16:33:48 | 000,000,383 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-02-01 16:21:42 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2009-02-01 15:48:27 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[1999-01-22 18:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2010-08-28 18:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Personal
[2010-01-07 20:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2010-01-15 13:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010-01-15 13:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2010-01-07 20:36:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5163CD15-ECCB-48A1-8C5C-22A36002B9DB}
[2009-08-11 14:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WORK\Application Data\Personal

[color=#E56717]========== Purity Check ==========[/color]


< End of report >

Quote

OTL Extras logfile created on: 2010-08-29 00:23:40 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Admin\Mina dokument\Hämtade filer
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 216,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 74,55 Gb Total Space | 23,14 Gb Free Space | 31,04% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 149,05 Gb Total Space | 132,72 Gb Free Space | 89,04% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HEMMA
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-436374069-1532298954-839522115-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Documents and Settings\Anki\Skrivbord\utorrent.exe" = C:\Documents and Settings\Anki\Skrivbord\utorrent.exe:*:Enabled:µTorrent -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000041D-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{08A247F5-E34F-4D17-8731-0906DF56947E}" = Windows Live Sync
"{0E93710D-31E5-477C-8A4B-5032B484BE74}" = Windows Live inloggningsassistenten
"{14FB2C18-CFC1-4DF4-A9CF-BAD3CCB5AAFD}" = Windows Live Toolbar
"{1A8BAA46-1179-4743-B00E-51B794A018B0}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5A70922D-9365-43CC-ADA9-CB84E4A54E4E}" = Windows Live Essentials
"{65F6D25C-2B2B-4673-A81D-E7D7D72B29E4}" = Windows Live Family Safety
"{86EC42B5-346E-4BAB-948D-58E021EA4BD1}" = ATI Catalyst Control Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-041D-0000-0000000FF1CE}" = Compatibility Pack för Office 2007-systemet
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBE7AA1-AFA8-4D76-8FC2-1FDFD9BD3371}" = Windows Live Mail
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1053-7B44-A93000000001}" = Adobe Reader 9.3.4 - Svenska
"{B10BBB62-6349-45CB-8F83-7E4F40A4E6C2}" = Lexmark X215 - TWAIN
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3FE3DD5-92E1-4EC3-BD6B-822DD99E8991}" = Windows Live Photo Gallery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EC928237-A3BD-4640-ABD0-E49E758F2315}" = Windows Live Messenger
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Hjälp för avinstallation av program
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_8D88122D" = MSP3885-E 56K PCI Modem
"ie8" = Windows Internet Explorer 8
"Lexmark_HostCD" = Lexmark Avinstallera programvara
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Miro" = Miro
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6
"NeroVision!UninstallKey" = NeroVision Express
"Personal" = Personal 4.10.2
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"VLC media player" = VLC media player 1.0.5
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010-03-01 03:52:18 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2010-03-01 03:52:37 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2010-03-03 03:59:26 | Computer Name = HEMMA | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2010-03-03 03:59:52 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2010-03-07 17:29:16 | Computer Name = HEMMA | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2010-03-07 17:29:16 | Computer Name = HEMMA | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2010-03-07 17:29:45 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2010-03-07 17:29:49 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

Error - 2010-03-09 10:47:15 | Computer Name = HEMMA | Source = Application Hang | ID = 1002
Description = Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul
hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error - 2010-03-09 18:54:34 | Computer Name = HEMMA | Source = Application Hang | ID = 1001
Description = Fel-bucket 1180947459.

[ System Events ]
Error - 2010-08-28 12:04:19 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten IMAPI CD-Burning COM Service kunde inte startas på grund
av följande fel: %%1053

Error - 2010-08-28 12:12:58 | Computer Name = HEMMA | Source = DCOM | ID = 10010
Description = Servern {0002DF01-0000-0000-C000-000000000046} registrerades inte
med DCOM inom erforderlig timeout.

Error - 2010-08-28 12:15:17 | Computer Name = HEMMA | Source = DCOM | ID = 10010
Description = Servern {0002DF01-0000-0000-C000-000000000046} registrerades inte
med DCOM inom erforderlig timeout.

Error - 2010-08-28 12:37:49 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 12:39:12 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 13:11:53 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 13:18:34 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 13:30:54 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 14:36:05 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2

Error - 2010-08-28 16:15:30 | Computer Name = HEMMA | Source = Service Control Manager | ID = 7000
Description = Tjänsten SSPORT kunde inte startas på grund av följande fel: %%2


< End of report >
29.08.2010, 10:01
Member

Posts: 420
#4 That actually looks quite good. Let's see whether we can get the PC moving.

1. Please start OTL and copy the following into the script box at the bottom:

Quote

:OTL
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O32 - AutoRun File - [2010-04-22 10:03:50 | 000,000,090 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]

:Commands
[purity]
[emptytemp]
[emptyflash]
and click Run Fix (or whatever looks like it; the text should be red ;) ). A restart may be necessary. Please post the fix log.

2. RootRepeal
http://sites.google.com/site/rootrepeal/
Start RootRepeal.
Close all other programs.
Go to the Report tab at the bottom.
Click Scan.
Tick all the checkboxes.
Confirm with OK.
If asked, select drive C:
Confirm with OK.
At the end of the scan a log is displayed; please post it.
29.08.2010, 13:27
...new here

Thread starter

Posts: 5
#5 Hello!

Here is the log file.

Quote

All processes killed
========== OTL ==========
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
E:\AUTORUN.INF moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 2867078 bytes
->Temporary Internet Files folder emptied: 2155524 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 56613440 bytes
->Flash cache emptied: 490 bytes

User: All Users

User: Agnes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2699298 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: WORK
->Temp folder emptied: 164133 bytes
->Temporary Internet Files folder emptied: 212261128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 23670502 bytes
->Flash cache emptied: 1670 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1139202 bytes
%systemroot%\System32 .tmp files removed: 253970 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33095 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 288,00 mb


[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Agnes

User: Default User

User: LocalService

User: NetworkService

User: WORK
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Error: Unable to interpret <Quelle: http://board.protecus.de/t40268.htm#ixzz0xzYP0ssL> in the current context!

OTL by OldTimer - Version 3.2.11.0 log created on 08292010_130449

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

29.08.2010, 17:56
Member

Posts: 420
#6 The log from RootRepeal?
29.08.2010, 18:09
...new here

Thread starter

Posts: 5
#7 Hello!

It is a program with the extension rar. How do I get it started?
29.08.2010, 18:34
Member

Posts: 420
#8 It is best to download one with the extension zip -
http://sites.google.com/site/rootrepeal/RootRepeal.zip
and unpack it to the desktop (right-click -> Extract All).
30.08.2010, 21:14
...new here

Thread starter

Posts: 5
#9 Here is the other file.

Quote

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/08/30 21:11
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xBA56D000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8A6C000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB7399000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xf8b01de6

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xf8b01ddc

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xf8b01deb

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xf8b01df5

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xf8b01dfa

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xf8b01dc8

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xf8b01dcd

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xf8b01e04

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xf8b01dff

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xf8b01df0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xf8b01dd7

==EOF==
30.08.2010, 21:40
Member

Posts: 420
#10 Nothing to be found.

Now you could also defragment:
Start -> All Programs -> Accessories -> System Tools -> Disk Defragmenter