Zurück   Trojaner-Board > Malware entfernen > Diskussionsforum

Diskussionsforum: bekanntes Problem predictadme[1].js

Windows 7 Hier sind ausschließlich fachspezifische Diskussionen erwünscht. Bitte keine Log-Files, Hilferufe oder ähnliches posten. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Bereinigungen von nicht ausgebildeten Usern sind hier untersagt. Wenn du dir einen Virus doer Trojaner eingefangen hast, eröffne ein Thema in den Bereinigungsforen oben.

Antwort
Alt 09.07.2010, 17:49   #1
Vhaeraun
 
bekanntes Problem predictadme[1].js - Ausrufezeichen

bekanntes Problem predictadme[1].js



Hallo!

Ich habe auch das bekannte Problem mit predictadme[1].js...leider konnte ich mein problem nicht bei den schon vorhandenen Beiträgen dazu posten - fragt mich nciht warum das nicht ging, kA - jednefalls wollte ich hier um Hilfe fragen, damit ich nicht immer von Antivir die Meldung bekomme bei jedem Fensteraufbau und poste hier gleich sowohl das Extras.Txt als auch das OTL.Txt und ich hoffe, ihr könnt mir helfen....

Extras.Txt:

OTL Extras logfile created on: 09.07.2010 18:29:59 - Run 3
OTL by OldTimer - Version 3.2.8.1 Folder = C:\OTL_Oldtimer
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,89 Gb Total Space | 6,85 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
Drive D: | 46,87 Gb Total Space | 31,41 Gb Free Space | 67,03% Space Free | Partition Type: NTFS
Drive E: | 9,02 Gb Total Space | 5,49 Gb Free Space | 60,87% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRIVAT-57370E9C
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe" = C:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main -- (Obsidian Entertainment, Inc.)
"C:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe" = C:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD -- (Obsidian Entertainment, Inc.)
"C:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe" = C:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater -- (Obsidian Entertainment, Inc.)
"C:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe" = C:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server -- (Obsidian Entertainment, Inc.)
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Programme\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- File not found
"C:\Programme\Zattoo\zattood.exe" = C:\Programme\Zattoo\zattood.exe:*:Enabled:zattood -- File not found
"C:\Programme\Zattoo\Zattoo2.exe" = C:\Programme\Zattoo\Zattoo2.exe:*:Enabled: -- File not found
"C:\Programme\Ubisoft\SilentHunterIII\sh3.exe" = C:\Programme\Ubisoft\SilentHunterIII\sh3.exe:*:Enabled:Silent Hunter III -- (Ubisoft)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\RunesOfMagic\YuLeech-RunesofMagic2_0_1_1821-de.exe" = C:\RunesOfMagic\YuLeech-RunesofMagic2_0_1_1821-de.exe:*:Enabled:FOG Downloader -- (Frogster Online Gaming GmbH)
"C:\Programme\Microsoft Games\Age of Empires II\EMPIRES2.EXE" = C:\Programme\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Enabled:Age of Empires II -- File not found
"C:\Programme\Runes of Magic\launcher.exe" = C:\Programme\Runes of Magic\launcher.exe:*isabled:BaseUpda Application -- ()
"C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabledie Schlacht um Mittelerde™ II -- (Electronic Arts Inc.)
"C:\Programme\Runes of Magic\Client.exe" = C:\Programme\Runes of Magic\Client.exe:*:Enabled:Runes of Magic -- (Runewaker)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\MySpace\IM\MySpaceIM.exe" = C:\Programme\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0004D4C8-7F6C-BA20-32B2-5C861FA340CB}" = Catalyst Control Center Graphics Full Existing
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{10053F59-0765-163D-F759-155E6DA35AB6}" = CCC Help English
"{101E4225-8983-7850-3E8C-00C5E0A13B40}" = ccc-core-static
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Foto 7.0
"{3AFD938F-D1FF-490A-9154-82774A9E977E}" = Sid Meier's Civilization 4
"{3F555374-449A-0734-73EA-5FF6207FA30F}" = Skins
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5141D667-6FE0-DFD6-FDC8-C981DC06520C}" = Catalyst Control Center Graphics Full New
"{51C9B6D6-BF0F-3BA5-1EA4-17C6190DBE07}" = ccc-core-preinstall
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7911C404-9AFA-4BB2-B9B7-E47423D87528}" = Knights Of Honor
"{79896C28-C277-42d5-990A-D98E10682654}" = Titan Quest
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{86F68693-A637-1F4D-5D4F-4D58486A4601}" = ccc-utility
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{AE888E0F-6727-0045-A966-CFB975AC15BA}" = Catalyst Control Center Graphics Previews Common
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C952BD03-9AC6-F898-B17F-9352638EC93C}" = Catalyst Control Center Core Implementation
"{CADF1911-C4FB-8651-36E0-FF06DAA75F28}" = Catalyst Control Center Graphics Light
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D98C9637-93DA-44DB-B73A-B11A1192AB26}" = GameShadow
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Medion Flash XL
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"A4 EPP Scanner v2.0" = A4 EPP Scanner v2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires" = Microsoft Age of Empires
"All ATI Software" = ATI - Software Uninstall Utility
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ATI Display Driver" = ATI Display Driver
"Faerun_SS" = Faerun_SS Screen Saver
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InterActual Player" = InterActual Player
"Lexmark 1200 Series" = Lexmark 1200 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySpaceIM" = MySpaceIM
"MySpaceToolbar" = MySpace Toolbar
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Shockwave" = Shockwave
"Sierra Utilities" = Sierra Utilities
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"star wars 3 Screen Saver" = star wars 3 Screen Saver
"STARWARS: The Battle of Endor v2.1_is1" = STARWARS: The Battle of Endor version 2.1
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Ulead Photo Express 2.0 SE" = Ulead Photo Express 2.0 SE
"Visitenkarten in 2 Minuten" = Visitenkarten in 2 Minuten
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2003Setup" = Microsoft Works 2003-Setup-Start
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-Wing Alliance Desktop Theme 1.0" = X-Wing Alliance Desktop Theme 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.06.2010 12:59:29 | Computer Name = PRIVAT-57370E9C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 15.06.2010 16:56:48 | Computer Name = PRIVAT-57370E9C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ts3client_win32.exe, Version 1.0.0.0, fehlgeschlagenes
Modul msvcrt.dll, Version 7.0.2600.2180, Fehleradresse 0x00036fa3.

Error - 16.06.2010 08:04:53 | Computer Name = PRIVAT-57370E9C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul mghooking.dll, Version 2.8.0.11, Fehleradresse 0x000031d4.

Error - 16.06.2010 08:06:17 | Computer Name = PRIVAT-57370E9C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 16.06.2010 08:06:19 | Computer Name = PRIVAT-57370E9C | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 18.06.2010 04:53:51 | Computer Name = PRIVAT-57370E9C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 18.06.2010 05:11:48 | Computer Name = PRIVAT-57370E9C | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 18.06.2010 11:20:47 | Computer Name = PRIVAT-57370E9C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul mghooking.dll, Version 2.8.0.11, Fehleradresse 0x000031d4.

Error - 01.07.2010 12:26:13 | Computer Name = PRIVAT-57370E9C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ts3client_win32.exe, Version 1.0.0.0, fehlgeschlagenes
Modul ts3client_win32.exe, Version 1.0.0.0, Fehleradresse 0x0037f740.

Error - 05.07.2010 16:53:38 | Computer Name = PRIVAT-57370E9C | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ts3client_win32.exe, Version 1.0.0.0, fehlgeschlagenes
Modul msvcrt.dll, Version 7.0.2600.2180, Fehleradresse 0x00036fa3.

[ System Events ]
Error - 26.06.2010 05:23:07 | Computer Name = PRIVAT-57370E9C | Source = System Error | ID = 1003
Description = Fehlercode 100000ea, 1. Parameter 892da020, 2. Parameter 890070e8,
3. Parameter f78b2cb4, 4. Parameter 00000001.

Error - 07.07.2010 12:35:26 | Computer Name = PRIVAT-57370E9C | Source = System Error | ID = 1003
Description = Fehlercode 100000ea, 1. Parameter 892cd9b8, 2. Parameter 89218488,
3. Parameter ba723cb4, 4. Parameter 00000001.


< End of report >

Otl.Txt:

OTL logfile created on: 09.07.2010 18:29:59 - Run 3
OTL by OldTimer - Version 3.2.8.1 Folder = C:\OTL_Oldtimer
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,89 Gb Total Space | 6,85 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
Drive D: | 46,87 Gb Total Space | 31,41 Gb Free Space | 67,03% Space Free | Partition Type: NTFS
Drive E: | 9,02 Gb Total Space | 5,49 Gb Free Space | 60,87% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PRIVAT-57370E9C
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\OTL_Oldtimer\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\MySpace\Toolbar\1.0.72.0\MSTBCoreContainer.exe (MySpace)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\MySpace\IM\MySpaceIM.exe ()
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Lexmark 1200 Series\lxczbmon.exe (Lexmark International, Inc.)
PRC - C:\Programme\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\Dit.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
PRC - C:\WINDOWS\DitExp.exe ()
PRC - C:\WINDOWS\twain_32\CIS600X\WATCH.exe (Common Group)
PRC - C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe (Ulead Systems, Inc.)


========== Modules (SafeList) ==========

MOD - C:\OTL_Oldtimer\OTL.exe (OldTimer Tools)
MOD - C:\Programme\SweetIM\Messenger\mgAdaptersProxy.dll (SweetIM Technologies Ltd.)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\SweetIM\Messenger\msvcr71.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AntiVirScheduler) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)


========== Driver Services (SafeList) ==========

DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)
DRV - (krdpdre) -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temp\krdpdre.sys ()
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors)
DRV - (Cap7134) MEDION (7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors)
DRV - (Intels51) -- C:\WINDOWS\system32\drivers\ctxs51.sys (Intel Corporation)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.)
DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.bak (Adaptec)
DRV - (SFC4) -- C:\WINDOWS\system32\drivers\sfc4.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-436374069-117609710-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\myspacefftb@myspace.com: C:\Programme\MySpace\Toolbar\1.0.72.0\ [2010.02.24 12:29:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2008.08.03 15:59:42 | 000,256,801 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8926 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Programme\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Programme\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-436374069-117609710-839522115-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-436374069-117609710-839522115-1004\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Programme\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-436374069-117609710-839522115-1004..\Run: [ICQ] C:\Programme\ICQ6\ICQ.exe File not found
O4 - HKU\S-1-5-21-436374069-117609710-839522115-1004..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-436374069-117609710-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-436374069-117609710-839522115-1004..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Photo Express Calendar Checker SE.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe (Ulead Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\Watch.lnk = C:\WINDOWS\twain_32\CIS600X\WATCH.exe (Common Group)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-117609710-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.29 13:54:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.07.09 18:14:49 | 000,000,000 | ---D | C] -- C:\OTL_Oldtimer
[2010.07.09 18:06:07 | 000,000,000 | ---D | C] -- C:\Hijack_Antivir
[2010.07.09 17:41:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.06.26 17:35:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\AOL
[2010.06.26 17:34:52 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2010.06.12 17:51:00 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[68 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.07.09 18:07:23 | 000,001,990 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.lnk
[2010.07.09 17:49:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.09 17:33:04 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.09 17:32:59 | 000,000,606 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2010.07.09 17:32:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010.07.09 17:32:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.09 17:32:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.09 11:53:47 | 007,077,888 | ---- | M] () -- C:\Dokumente und Einstellungen\User\ntuser.dat
[2010.07.09 11:53:47 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\User\ntuser.ini
[2010.07.09 11:49:59 | 000,000,859 | ---- | M] () -- C:\WINDOWS\client.config.ini
[2010.07.08 22:55:18 | 004,306,952 | -H-- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.05 22:53:32 | 000,210,412 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-07-05 22_53_26.703125.dmp
[2010.07.03 12:14:55 | 000,000,298 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010.07.01 18:25:52 | 000,197,196 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-07-01 18_25_51.906250.dmp
[2010.06.26 17:36:20 | 000,001,451 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.2.lnk
[2010.06.24 09:52:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.23 19:07:30 | 000,996,254 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.23 19:07:30 | 000,448,470 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.23 19:07:30 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.23 19:07:30 | 000,079,910 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.23 19:07:30 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.22 11:32:07 | 000,019,968 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Nachweis der Eigenbemühungen.doc
[2010.06.18 22:33:18 | 000,028,983 | ---- | M] () -- C:\IchUV.jpg
[2010.06.15 22:56:28 | 000,202,516 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-06-15 22_56_26.281250.dmp
[2010.06.15 10:46:11 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.06.13 17:59:23 | 000,310,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.13 11:55:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[68 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.07.09 18:07:23 | 000,001,990 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.lnk
[2010.07.05 22:53:26 | 000,210,412 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-07-05 22_53_26.703125.dmp
[2010.07.01 18:25:51 | 000,197,196 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-07-01 18_25_51.906250.dmp
[2010.06.26 17:36:20 | 000,001,451 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.2.lnk
[2010.06.22 11:32:07 | 000,019,968 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Nachweis der Eigenbemühungen.doc
[2010.06.18 22:33:18 | 000,028,983 | ---- | C] () -- C:\IchUV.jpg
[2010.06.15 22:56:26 | 000,202,516 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ts3_clientui-win32-11315-2010-06-15 22_56_26.281250.dmp
[2010.01.12 10:52:55 | 000,000,084 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.01.12 10:52:52 | 000,000,298 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2010.01.12 10:52:24 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2010.01.12 10:52:01 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2010.01.04 21:08:55 | 000,000,859 | ---- | C] () -- C:\WINDOWS\client.config.ini
[2009.12.05 15:47:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.06.04 10:52:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2009.06.04 10:43:29 | 000,000,028 | ---- | C] () -- C:\WINDOWS\AlphaPlayer.INI
[2009.04.07 10:42:36 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini
[2009.02.15 21:07:42 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2009.01.16 11:52:27 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.11.03 15:30:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008.10.16 13:51:18 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\stormmp3.dll
[2008.08.29 15:43:01 | 000,000,240 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.08.04 09:13:31 | 000,001,942 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2008.08.04 09:13:31 | 000,001,901 | ---- | C] () -- C:\WINDOWS\ATM.INI
[2008.08.04 09:13:31 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2008.08.04 09:13:25 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfc4.sys
[2008.08.04 09:12:10 | 000,000,606 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2008.08.04 09:03:03 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.29 14:21:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2008.07.29 14:21:04 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2008.07.29 14:11:21 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2008.07.29 14:07:00 | 000,157,184 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.04.19 00:30:56 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[1997.06.14 13:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2008.10.28 12:29:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQ
[2010.01.12 10:54:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.06.26 17:36:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2008.10.30 15:46:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OrbNetworks
[2008.09.02 09:20:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SimCity Societies
[2009.11.30 11:04:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2009.01.16 11:53:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Black Sea Studios
[2009.05.23 12:15:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\FOG Downloader
[2010.07.09 17:34:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICQ
[2010.01.16 17:15:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Meine Die Schlacht um Mittelerde™ II-Dateien
[2008.07.31 14:07:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\My Games
[2010.02.05 15:03:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TS3Client
[2010.07.09 17:32:58 | 000,000,420 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2008.10.25 15:45:18 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job

========== Purity Check ==========


< End of report >

So..das wars..ich hoffe ihr könnt mir helfen bei meinem Problem....
Danke schonmal im Voraus

Alt 12.07.2010, 11:03   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
bekanntes Problem predictadme[1].js - Standard

bekanntes Problem predictadme[1].js



Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten.
__________________

__________________

Antwort

Themen zu bekanntes Problem predictadme[1].js
0x00000001, acroiehelper.dll, antivir, avgntflt.sys, avira, bho, black, components, desktop, downloader, error, extras.txt, fehlercode 1, fehlercode 10, firefox, flash player, frage, google, help, hijack, home, homepage, iexplore.exe, jusched.exe, krdpdre, location, logfile, mozilla, oldtimer, otl.exe, otl.txt, plug-in, problem, realtek, registry, safer networking, saver, sched.exe, security, shell32.dll, sierra, software, sweetim, system error, teamspeak, warum, windows internet, windows internet explorer




Ähnliche Themen: bekanntes Problem predictadme[1].js


  1. Windows 8: Problem beim Starten von C:\ Problem Files (x86)\HomeTab\TBUpdater.dll
    Plagegeister aller Art und deren Bekämpfung - 27.02.2015 (9)
  2. McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da
    Log-Analyse und Auswertung - 09.02.2014 (5)
  3. Windows Vista Sicherheitscenter und AntiVir nach Neustart immer abgeschaltet - Bereits bekanntes Phänomen in Eurem Forum
    Log-Analyse und Auswertung - 08.10.2013 (9)
  4. Bildschirmblockierung durch BKA Trojaner, warscheinlich bekanntes Problem, hoffe auf Rettungsanleitung
    Log-Analyse und Auswertung - 22.02.2013 (7)
  5. Internet läuft langsam .. DNS Problem ? Manchmal friert alles ein Neustart behebt Problem
    Log-Analyse und Auswertung - 25.04.2012 (1)
  6. Bekanntes Problem: drwtsn32.exe/dwwin.exe Fehler in der Anwendung
    Plagegeister aller Art und deren Bekämpfung - 13.07.2011 (1)
  7. gleiches Problem wie http://www.trojaner-board.de/99057-das-system-hat-ein-problem-mit-einem-oder-me
    Plagegeister aller Art und deren Bekämpfung - 26.05.2011 (1)
  8. Bekanntes problem TR/Kazy mekml.1
    Log-Analyse und Auswertung - 26.04.2011 (4)
  9. Problem mit explorer.exe verbunden mit Active Desktop-Problem
    Alles rund um Windows - 05.01.2011 (5)
  10. Bekanntes Wave-Regler-auf-0-Problem gepaart mit IE-Werbung
    Plagegeister aller Art und deren Bekämpfung - 16.11.2010 (4)
  11. Firefox problem, Anti-banner problem, Flashplayer problem, Viren problem?
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (11)
  12. Problem mit Webseite und cikutalist-wo das Problem posten?
    Mülltonne - 30.09.2010 (2)
  13. Bekanntes Problem mit Onlinebanking-Trojaner auch bei mir | Bitte um Hilfe
    Plagegeister aller Art und deren Bekämpfung - 15.08.2010 (23)
  14. Bekanntes Problem Antivirus XP 2008
    Log-Analyse und Auswertung - 31.08.2008 (18)
  15. problem mit der maus, wohl internes problem
    Alles rund um Windows - 24.02.2008 (5)
  16. Bekanntes iexplore.exe problem..
    Log-Analyse und Auswertung - 15.05.2007 (2)
  17. Problem mit Startseite - genau das gleiche Problem wie Staux!!!
    Plagegeister aller Art und deren Bekämpfung - 05.01.2005 (30)

Zum Thema bekanntes Problem predictadme[1].js - Hallo! Ich habe auch das bekannte Problem mit predictadme[1].js...leider konnte ich mein problem nicht bei den schon vorhandenen Beiträgen dazu posten - fragt mich nciht warum das nicht ging, kA - bekanntes Problem predictadme[1].js...
Archiv
Du betrachtest: bekanntes Problem predictadme[1].js auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.