Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.11.2010, 19:20   #1
yZz
 
TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll - Standard

TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll



Guten Abend und Hallo

Seit gerade eben zeigt mir mein antivir Programm an, das mein System von dem Virus "TR/Crypt.XPACK.Gen" befallen ist.

Ich bekam auf einmal eine Viruswarnung das der Virus in dem Ordner C:\windows\system32\drmuasks.dll und in C:\ARK196.tmp ist.

Ich lasse gerade meinen Viren Scanner Durchlaufen. Nun ist meine Frage da die Fehlermeldung seit 1 Stunde ungefähr jede Minute auftritt, wie man diesen Virus entfernen kann.

Ich habe schon einen OTL Scan Durchgeführt:

-OTL Logfile

Code:
ATTFilter
OTL logfile created on: 03.11.2010 19:00:38 - Run 1
OTL by OldTimer - Version 3.2.17.2     Folder = C:\Dokumente und Einstellungen\Dennis\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 58,59 Gb Total Space | 27,34 Gb Free Space | 46,65% Space Free | Partition Type: NTFS
Drive E: | 58,75 Gb Total Space | 18,55 Gb Free Space | 31,58% Space Free | Partition Type: NTFS
Drive F: | 58,59 Gb Total Space | 18,09 Gb Free Space | 30,87% Space Free | Partition Type: NTFS
Drive G: | 56,95 Gb Total Space | 0,65 Gb Free Space | 1,15% Space Free | Partition Type: NTFS
 
Computer Name: DENNIS-7D366BD3 | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Dennis\Desktop\TuneUpUtilities2011_de-DE.exe (TuneUp Software)
PRC - C:\Dokumente und Einstellungen\Dennis\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - G:\Programme\Xfire\xfire.exe (Xfire Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
PRC - C:\Programme\ROCCAT\Kone Mouse\OSD.exe (ROCCAT)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Dennis\Desktop\OTL.exe (OldTimer Tools)
MOD - G:\Programme\Xfire\xfire_toucan_43094.dll (Xfire Inc.)
MOD - C:\WINDOWS\system32\ddraw.dll (Microsoft Corporation)
MOD - C:\WINDOWS\ugibuyutomobuni.dll ()
MOD - C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\dciman32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirScheduler) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (axskbus) -- C:\WINDOWS\System32\DRIVERS\axskbus.sys File not found
DRV - (axsaki) -- C:\WINDOWS\System32\DRIVERS\axsaki.sys File not found
DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys ()
DRV - (ESLvnic1) -- C:\WINDOWS\system32\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (KoneFltr) -- C:\WINDOWS\system32\drivers\Kone.sys (ROCCAT Ltd)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (xusb21) -- C:\WINDOWS\system32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.back2bash.clan7.de/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Programme\Techno4ever\tbTec0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {94FB2911-99A5-4797-830E-F32357276167}:1.9.1
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{94FB2911-99A5-4797-830E-F32357276167}: C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\{94FB2911-99A5-4797-830E-F32357276167}\ [2010.11.03 17:39:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.10.29 12:31:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.28 20:35:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.06.24 14:36:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.14\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010.06.24 14:36:10 | 000,000,000 | ---D | M]
 
[2009.01.21 18:57:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Extensions
[2010.11.03 18:10:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Firefox\Profiles\2fku5s1z.default\extensions
[2010.08.01 09:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Firefox\Profiles\2fku5s1z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.10.28 16:17:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Firefox\Profiles\2fku5s1z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.11.27 16:44:26 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Firefox\Profiles\2fku5s1z.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2010.10.31 20:10:23 | 000,002,387 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Mozilla\Firefox\Profiles\2fku5s1z.default\searchplugins\askcom.xml
[2010.11.03 18:10:08 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.07.15 19:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.26 14:29:33 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.26 14:29:33 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.26 14:29:33 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.26 14:29:33 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.26 14:29:33 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.09.09 13:05:54 | 000,263,031 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 9121 more lines...
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {0BD44AB1-76A7-4E05-92F4-4B065FE72BD6} - C:\Programme\Applications\iebt.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Techno4ever Toolbar) - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Programme\Techno4ever\tbTec0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Internet Service) - {94A5C93F-BD18-4C46-B777-C94C145C3CAB} - C:\Programme\Applications\iebr.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Techno4ever Toolbar) - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Programme\Techno4ever\tbTec0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Techno4ever Toolbar) - {FB7D98CB-B228-4ECB-ACAC-E7101156338E} - C:\Programme\Techno4ever\tbTec0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Techno4ever Toolbar) - {FB7D98CB-B228-4ECB-ACAC-E7101156338E} - C:\Programme\Techno4ever\tbTec0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Gmakaxuwibiqoref] C:\WINDOWS\ugibuyutomobuni.DLL ()
O4 - HKLM..\Run: [Kone] C:\Programme\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Bvozoxoyiviyif] C:\WINDOWS\kcxc40.DLL File not found
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] E:\Programme\Spybot - Search & Destroy\TeaTimer.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\Dennis\Startmenü\Programme\Autostart\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: smile = C:\Programme\Applications\wcs.exe File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.17 15:20:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{04db03de-972e-11df-8f9c-001d7dc66538}\Shell - "" = AutoRun
O33 - MountPoints2\{04db03de-972e-11df-8f9c-001d7dc66538}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{04db03de-972e-11df-8f9c-001d7dc66538}\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\{e46aca0c-0e90-11df-8edd-001d7dc66538}\Shell\AutoRun\command - "" = Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: asr_emon - (C:\WINDOWS\system32\drmuasks.dll) - C:\WINDOWS\System32\drmuasks.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.03 19:00:11 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.11.03 19:00:08 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.11.03 18:59:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\TuneUp Software
[2010.11.03 18:58:41 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2011
[2010.11.03 18:58:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.11.03 18:58:03 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.11.03 18:50:40 | 020,077,888 | ---- | C] (TuneUp Software) -- C:\Dokumente und Einstellungen\Dennis\Desktop\TuneUpUtilities2011_de-DE.exe
[2010.11.03 18:27:35 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Dennis\Desktop\OTL.exe
[2010.11.03 18:13:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia
[2010.11.03 17:39:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\{94FB2911-99A5-4797-830E-F32357276167}
[2010.11.02 16:52:16 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2010.11.02 16:51:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX
[2010.10.29 12:15:56 | 000,841,912 | ---- | C] (<Turtle Entertainment>) -- C:\WINDOWS\System32\drivers\ESLWireACD.sys
[2010.10.29 12:15:51 | 000,024,504 | ---- | C] (Turtle Entertainment GmbH) -- C:\WINDOWS\System32\drivers\ESLvnic.sys
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.03 19:01:01 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010.11.03 19:00:06 | 000,001,718 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.11.03 19:00:06 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2011.lnk
[2010.11.03 18:51:24 | 020,077,888 | ---- | M] (TuneUp Software) -- C:\Dokumente und Einstellungen\Dennis\Desktop\TuneUpUtilities2011_de-DE.exe
[2010.11.03 18:47:32 | 000,471,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Load.exe
[2010.11.03 18:27:37 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Dennis\Desktop\OTL.exe
[2010.11.03 17:39:54 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Yhobeyeyogom.dat
[2010.11.03 17:39:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Qkuvoqibuzixuqot.bin
[2010.11.03 17:37:54 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.03 15:41:57 | 000,138,520 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.11.03 15:41:48 | 000,233,960 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.11.03 15:14:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.11.03 15:06:13 | 000,002,444 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.03 15:05:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.02 16:59:38 | 000,104,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.31 18:53:20 | 001,536,838 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00333.JPG
[2010.10.31 18:48:16 | 001,446,590 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00328.JPG
[2010.10.31 18:48:16 | 001,339,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00329.JPG
[2010.10.26 14:48:50 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.10.26 14:43:56 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.10.25 18:50:31 | 005,388,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\14 50 Cent - Questions feat. Nate Dogg.mp3
[2010.10.21 22:21:09 | 000,039,692 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\ts3_clientui-win32-12599-2010-10-21 23_21_08.718750.dmp
[2010.10.21 19:43:35 | 003,255,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Swedish House Mafia - One.wma
[2010.10.21 16:05:02 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2010.10.21 16:05:02 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2010.10.20 09:38:40 | 000,841,912 | ---- | M] (<Turtle Entertainment>) -- C:\WINDOWS\System32\drivers\ESLWireACD.sys
[2010.10.13 11:19:54 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) -- C:\WINDOWS\System32\drivers\ESLvnic.sys
[2010.10.08 13:11:53 | 001,640,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Stromae - Te Quiero.mp3
[2010.10.08 12:52:05 | 001,937,536 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Stromae - House'll'elujah.mp3
[2010.10.06 22:18:48 | 000,030,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\ts3_clientui-win32-12451-2010-10-06 23_18_46.453125.dmp
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.03 19:00:06 | 000,001,718 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.11.03 19:00:06 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2011.lnk
[2010.11.03 18:47:32 | 000,471,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Load.exe
[2010.11.03 17:39:54 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Yhobeyeyogom.dat
[2010.11.03 17:39:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Qkuvoqibuzixuqot.bin
[2010.10.31 18:52:27 | 001,536,838 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00333.JPG
[2010.10.31 18:46:47 | 001,339,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00329.JPG
[2010.10.31 18:46:42 | 001,446,590 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\DSC00328.JPG
[2010.10.25 18:27:35 | 005,388,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\14 50 Cent - Questions feat. Nate Dogg.mp3
[2010.10.21 22:21:08 | 000,039,692 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\ts3_clientui-win32-12599-2010-10-21 23_21_08.718750.dmp
[2010.10.21 16:06:35 | 003,255,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Swedish House Mafia - One.wma
[2010.10.08 12:24:06 | 001,937,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Stromae - House'll'elujah.mp3
[2010.10.08 12:20:51 | 001,640,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Stromae - Te Quiero.mp3
[2010.10.06 22:18:46 | 000,030,960 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Eigene Dateien\ts3_clientui-win32-12451-2010-10-06 23_18_46.453125.dmp
[2010.07.24 15:13:34 | 000,722,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.07.09 20:04:40 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.06.24 21:44:58 | 000,161,720 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.06.20 17:54:21 | 000,050,718 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x64.cab
[2010.06.08 18:13:01 | 000,000,258 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010.06.02 04:22:00 | 000,122,408 | ---- | C] () -- C:\Programme\Aug2009_XACT_x64.cab
[2010.06.02 04:22:00 | 000,093,106 | ---- | C] () -- C:\Programme\Aug2009_XACT_x86.cab
[2010.06.02 04:21:58 | 000,930,116 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x64.cab
[2010.06.02 04:21:58 | 000,728,456 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x86.cab
[2010.06.02 04:21:58 | 000,232,635 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x64.cab
[2010.06.02 04:21:58 | 000,192,131 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x86.cab
[2010.06.02 04:21:58 | 000,136,301 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x64.cab
[2010.06.02 04:21:58 | 000,105,044 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x86.cab
[2010.06.02 04:21:56 | 003,319,740 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 04:21:56 | 003,112,111 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 04:21:56 | 000,900,598 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 04:21:46 | 000,919,044 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 04:21:46 | 000,271,412 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x64.cab
[2010.06.02 04:21:46 | 000,271,038 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x86.cab
[2010.06.02 04:21:44 | 001,794,084 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x64.cab
[2010.06.02 04:21:44 | 001,464,672 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x86.cab
[2010.06.02 04:21:44 | 000,849,167 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x86.cab
[2010.06.02 04:21:44 | 000,198,096 | ---- | C] () -- C:\Programme\AUG2007_XACT_x64.cab
[2010.06.02 04:21:44 | 000,153,012 | ---- | C] () -- C:\Programme\AUG2007_XACT_x86.cab
[2010.06.02 04:21:44 | 000,121,772 | ---- | C] () -- C:\Programme\Aug2008_XACT_x64.cab
[2010.06.02 04:21:44 | 000,092,996 | ---- | C] () -- C:\Programme\Aug2008_XACT_x86.cab
[2010.06.02 04:21:42 | 001,800,160 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x64.cab
[2010.06.02 04:21:42 | 001,708,152 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x86.cab
[2010.06.02 04:21:42 | 000,867,612 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x64.cab
[2010.06.02 04:21:42 | 000,852,286 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x64.cab
[2010.06.02 04:21:42 | 000,796,867 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x86.cab
[2010.06.02 04:21:40 | 001,350,542 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2010.06.02 04:21:40 | 001,077,644 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2010.06.02 04:21:40 | 000,182,903 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab
[2010.06.02 04:21:40 | 000,137,235 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab
[2010.06.02 04:21:40 | 000,087,142 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab
[2010.06.02 04:21:40 | 000,053,302 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab
[2010.06.02 04:21:40 | 000,046,058 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab
[2010.06.02 04:21:38 | 001,606,039 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab
[2010.06.02 04:21:38 | 000,195,766 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab
[2010.06.02 04:21:38 | 000,151,225 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab
[2010.06.02 04:21:38 | 000,096,817 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab
[2010.06.02 04:21:36 | 001,607,358 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab
[2010.06.02 04:21:36 | 000,698,612 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab
[2010.06.02 04:21:36 | 000,695,865 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab
[2010.06.02 04:21:34 | 000,046,010 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab
[2010.06.02 04:21:20 | 000,087,101 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab
[2010.06.02 04:21:18 | 004,162,630 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 04:21:18 | 000,916,430 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab
[2010.06.02 04:21:18 | 000,179,133 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab
[2010.06.02 04:21:18 | 000,133,103 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab
[2010.06.02 04:21:16 | 001,397,830 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab
[2010.06.02 04:21:16 | 001,347,354 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab
[2010.06.02 04:21:16 | 001,115,221 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2010.06.02 04:21:16 | 001,078,962 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab
[2010.01.31 18:49:50 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2009.09.13 18:41:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.13 15:13:17 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2009.07.27 23:03:31 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2009.07.23 12:13:23 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009.07.01 13:02:41 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.04.09 14:54:18 | 000,000,051 | ---- | C] () -- C:\WINDOWS\TSetup.INI
[2008.10.30 09:49:34 | 000,000,022 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\8f01a90e-7eb3-48d3-93b1-50d88fd146fb
[2008.09.10 06:35:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.09.10 06:35:28 | 000,007,718 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2008.09.09 11:28:38 | 000,000,943 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.07.13 15:02:29 | 000,104,960 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.18 14:59:56 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.05.21 16:44:22 | 000,000,255 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.05.21 14:56:16 | 000,138,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.05.21 14:56:15 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\PnkBstrK.sys
[2008.05.17 22:08:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.02.28 13:00:00 | 000,198,144 | ---- | C] () -- C:\WINDOWS\ugibuyutomobuni.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 508 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:888AFB86

< End of report >
         
Extras logfile

Code:
ATTFilter
OTL Extras logfile created on: 03.11.2010 19:00:38 - Run 1
OTL by OldTimer - Version 3.2.17.2     Folder = C:\Dokumente und Einstellungen\Dennis\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 58,59 Gb Total Space | 27,34 Gb Free Space | 46,65% Space Free | Partition Type: NTFS
Drive E: | 58,75 Gb Total Space | 18,55 Gb Free Space | 31,58% Space Free | Partition Type: NTFS
Drive F: | 58,59 Gb Total Space | 18,09 Gb Free Space | 30,87% Space Free | Partition Type: NTFS
Drive G: | 56,95 Gb Total Space | 0,65 Gb Free Space | 1,15% Space Free | Partition Type: NTFS
 
Computer Name: DENNIS-7D366BD3 | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"57871:TCP" = 57871:TCP:*:Enabled:Pando Media Booster
"57871:UDP" = 57871:UDP:*:Enabled:Pando Media Booster
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"57871:TCP" = 57871:TCP:*:Enabled:Pando Media Booster
"57871:UDP" = 57871:UDP:*:Enabled:Pando Media Booster
"6906:TCP" = 6906:TCP:*:Enabled:League of Legends Launcher
"6906:UDP" = 6906:UDP:*:Enabled:League of Legends Launcher
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"E:\Programme\Warcraft III\War3.exe" = E:\Programme\Warcraft III\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"E:\Programme\GTactix\GTactix.exe" = E:\Programme\GTactix\GTactix.exe:*:Enabled:Gtactix -- (Josh Kuhn (aka VR6R))
"C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"E:\World of Warcraft\Launcher.exe" = E:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"E:\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"G:\Call of Duty 2\CoD2MP_s.exe" = G:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"E:\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"G:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = G:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.)
"G:\Programme\Sony\Vegas Pro 8.0\VegSrv80.exe" = G:\Programme\Sony\Vegas Pro 8.0\VegSrv80.exe:*:Enabled:Sony Vegas Network Render Service Control -- (Sony Pictures Digital Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"G:\Programme\mIRC\mirc.exe" = G:\Programme\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"G:\Programme\Xfire\xfire.exe" = G:\Programme\Xfire\xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"G:\Programme\ICQ6\ICQ.exe" = G:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ Library -- (ICQ, Inc.)
"G:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe" = G:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher -- (EA Phenomic)
"G:\Programme\Electronic Arts\BattleForge\BattleForge.exe" = G:\Programme\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™ -- (EA Phenomic)
"C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\Dyyno Receiver\DPPM.exe" = C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\Dyyno Receiver\DPPM.exe:*:Enabled:Dyyno Plugin Receiver -- ()
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"E:\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"E:\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = E:\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"G:\Programme\Steam\Steam.exe" = G:\Programme\Steam\Steam.exe:*:Enabled:Steam 732897 -- (Valve Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Java\jre1.6.0_06\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_06\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe" = C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player -- (Octoshape ApS)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = F:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"F:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = F:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Programme\Ventrilo\Ventrilo.exe" = C:\Programme\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"E:\Programme\iTunes\iTunes.exe" = E:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"G:\Programme\Steam\steamapps\xbennox1992\condition zero\hl.exe" = G:\Programme\Steam\steamapps\xbennox1992\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\Dennis\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Dokumente und Einstellungen\Dennis\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"G:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = G:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- ()
"G:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = G:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- ()
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"E:\League of Legends\Air\LolClient.exe" = E:\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- (Adobe Systems Inc.)
"E:\League of Legends\Game\League of Legends.exe" = E:\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- ()
"F:\StarCraft II\StarCraft II.exe" = F:\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"G:\Programme\Steam\steamapps\xbennox1992\counter-strike\hl.exe" = G:\Programme\Steam\steamapps\xbennox1992\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
"F:\Call of Duty 4 - Modern Warfare\iw3mp.exe" = F:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp -- ()
"G:\Programme\Steam\steamapps\xbennox1992\counter-strike source\hl2.exe" = G:\Programme\Steam\steamapps\xbennox1992\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
"C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Apps\2.0\G1XGEVRE.J0W\QQ8M89VW.EXM\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe" = C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Apps\2.0\G1XGEVRE.J0W\QQ8M89VW.EXM\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{046ED2B7-14D5-4F2C-A275-09D54CEFE757}" = GTactix
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{17BADF87-3597-46FE-8D74-69C4FA78883E}" = Gothic 3
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{99BEB67F-B288-44F5-8B2A-23F5F522A1AE}_is1" = Universal Anticheat 2 v2.48 b360
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D02AA9-23DE-47D6-8549-042C58B5DDC3}" = GGC Client
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"A307D87020E39093FB889B1E539D33F93A41470A" = Windows Driver Package - ROCCAT (HidUsb) HIDClass  (05/03/2008 1.00)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"Deutsches Tastaturlayout (X11)_is1" = Deutsches Tastaturlayout (X11) 0.9
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.2
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 2.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"ICQToolbar" = ICQ Toolbar
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"League of Legends_is1" = League of Legends
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Thunderbird (2.0.0.14)" = Mozilla Thunderbird (2.0.0.14)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PunkBusterSvc" = PunkBuster Services
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Techno4ever Toolbar" = Techno4ever Toolbar
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.6
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Sidebar" = Windows Sidebar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMP11" = Windows Media Player 11 Slipstream
"World of Warcraft" = World of Warcraft
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Companion" = Yahoo! Companion
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Octoshape Streaming Services" = Octoshape Streaming Services
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.10.2010 07:36:32 | Computer Name = DENNIS-7D366BD3 | Source = ESENT | ID = 490
Description = svchost (1184) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 21.10.2010 07:36:34 | Computer Name = DENNIS-7D366BD3 | Source = ESENT | ID = 490
Description = svchost (1184) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 21.10.2010 09:34:55 | Computer Name = DENNIS-7D366BD3 | Source = ESENT | ID = 490
Description = svchost (1180) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 21.10.2010 09:34:57 | Computer Name = DENNIS-7D366BD3 | Source = ESENT | ID = 490
Description = svchost (1180) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 22.10.2010 14:46:48 | Computer Name = DENNIS-7D366BD3 | Source = ESENT | ID = 490
Description = svchost (1180) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 29.10.2010 07:15:14 | Computer Name = DENNIS-7D366BD3 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 29.10.2010 07:15:14 | Computer Name = DENNIS-7D366BD3 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 31.10.2010 04:44:22 | Computer Name = DENNIS-7D366BD3 | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 31.10.2010 04:44:22 | Computer Name = DENNIS-7D366BD3 | Source = Bonjour Service | ID = 100
Description = 232: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 31.10.2010 04:44:22 | Computer Name = DENNIS-7D366BD3 | Source = Bonjour Service | ID = 100
Description = 476: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
[ System Events ]
Error - 21.10.2010 09:36:45 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 21.10.2010 09:36:49 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7034
Description = Dienst "ICQ Service" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 21.10.2010 09:37:02 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Starten Sie den Dienst neu..
 
Error - 23.10.2010 14:19:51 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Starten Sie den Dienst neu..
 
Error - 23.10.2010 14:20:16 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 29.10.2010 07:12:31 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 03.11.2010 14:00:10 | Computer Name = DENNIS-7D366BD3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1083
 
 
< End of report >
         
Ich hoffe auf Schnelle hilfe von euch.

Mit Freundlichen Grüßen yZz

Alt 04.11.2010, 16:27   #2
yZz
 
TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll - Standard

TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll



Problem hat sich Gelöst, danke Trotzdem
__________________


Antwort

Themen zu TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll
0x00000001, alternate, antivir, avgntflt.sys, avira, call of duty, components, conduit, converter, counter-strike source, downloader, entfernen, error, firefox, firefox.exe, flash player, fontcache, google, jdownloader, jusched.exe, league of legends, location, locker, logfile, mozilla thunderbird, mp3, oldtimer, otl scan, otl.exe, plug-in, programm, realtek, remote control, saver, scan, sched.exe, schnelle hilfe, searchplugins, security, server, shell32.dll, software, sptd.sys, starten, studio, system, system restore, teamspeak, tr/crypt.xpack.ge, tr/crypt.xpack.gen, viren, virus, virus entfernen, vlc media player, windows, world at war




Ähnliche Themen: TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll


  1. Windows 7: TR/Crypt.XPACK.Gen5 & Windows fährt nicht mehr herunter
    Log-Analyse und Auswertung - 05.10.2014 (20)
  2. Antivir meldet TR/Crypt.XPACK.Gen2 in C:\WINDOWS\system32\dwwin.exe
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (8)
  3. C:\WINDOWS\system32\MRT.exe = TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 06.06.2013 (24)
  4. Probleme mit .NET Framework, windows update und Systemwiederherstellung, Trojaner TR/Crypt.XPACK.Gen8, TR/Crypt.ULPM.Gen
    Plagegeister aller Art und deren Bekämpfung - 23.09.2012 (11)
  5. TR/Crypt.XPACK.Gen, TR/Sirefef.BV.2, TR/Crypt.XPACK.Gen3, TR/PSW.Karagany.A.73
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (2)
  6. Antivir Meldung C\windows\system32\wmhtll32.dll ist TR/Crypt.XPack.GEN
    Plagegeister aller Art und deren Bekämpfung - 09.11.2010 (8)
  7. TR/Crypt.XPACK.Gen3 - nach formatierung von C: TR/Crypt.XPACK.Gen2 gefunden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (9)
  8. Massenweise Viren werden in Windows/Temp erstellt (Tr/Crypt.xpack.Gen3+TR/Crypt.Pepn.Gen und andere)
    Plagegeister aller Art und deren Bekämpfung - 08.10.2010 (6)
  9. TR/Dropper.gen und TR/Crypt.XPACK.Gen und TR/Crypt.XPACK.Gen2 und TR/Dldr.Agent.cxyf.3
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (32)
  10. TR/Crypt.ZPACK.Gen in C:\WINDOWS\system32\drivers\dbjrhi.sys
    Plagegeister aller Art und deren Bekämpfung - 22.06.2010 (12)
  11. Trojan TR/Crypt.XPACK.Gen2 in Windows\system32\srvdev.dll' und regrgwiz32.dll'
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (12)
  12. TR/dldr.swizzor.gen2, TR/crypt.xpack.gen, TR/crypt.zpack.gen unter Windows XP
    Plagegeister aller Art und deren Bekämpfung - 16.06.2010 (15)
  13. TR/Crypt.XPACK.Gen2 in C:\Windows\System32\iebho1D.dll
    Plagegeister aller Art und deren Bekämpfung - 06.06.2010 (14)
  14. TR/Crypt.ZPACK.Gen in C:\windows\system32\msekgh.exe
    Plagegeister aller Art und deren Bekämpfung - 02.03.2010 (5)
  15. TR/Crypt.XPACK.Gen in C:\windows\system32\lpt8.nje
    Plagegeister aller Art und deren Bekämpfung - 29.12.2009 (1)
  16. TR/Crypt.XPACK.Gen in C:\WINDOWS\system32\xmlinst.exe
    Plagegeister aller Art und deren Bekämpfung - 04.03.2009 (5)
  17. WINDOWS\System32\ssqonkl.dll TR/Crypt.ULPM.Gen
    Log-Analyse und Auswertung - 28.02.2007 (22)

Zum Thema TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll - Guten Abend und Hallo Seit gerade eben zeigt mir mein antivir Programm an, das mein System von dem Virus "TR/Crypt.XPACK.Gen" befallen ist. Ich bekam auf einmal eine Viruswarnung das der - TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll...
Archiv
Du betrachtest: TR/Crypt.XPACK.Gen Schlagartig in C:\windows\system32\drmuasks.dll auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.