Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: spyware.passwords.xgen

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 25.11.2010, 20:54   #1
Urmel
 
spyware.passwords.xgen - Standard

spyware.passwords.xgen



Hallo,

nach langer Abwesenheit melde ich mich zurück.

Probleme mit meinem System bestehen nicht.
Auf den Verdacht das mein System belastet sein könnte, war, das in einem anderen Forum in der Signatur ein Link eingefügt wurde, aber nicht von mir.

Darauf hin habe ich mein System Win7 64bit. mit Avast im Abgesichertenmodus scannen lassen.
Genauso wie heute, hat auch Malwareb. dann angeschlagen.

hier der log von Malwareb.

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
 
Datenbank Version: 5184
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
25.11.2010 20:29:27
mbam-log-2010-11-25 (20-29-27).txt
 
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 141809
Laufzeit: 2 Minute(n), 45 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
C:\Users\******\AppData\Local\Temp\mstsc.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
         
Den oben beschriebenen Ordner/Datei hab ich nicht gefunden, habe ihn aber von Malwarb. löschen lassen.


Warning-Editor-Ordner Avast.
Code:
ATTFilter
08.12.2009    14:31:36    1260279096    SYSTEM    1272    Function setifaceUpdatePackages() has failed. Return code is 0x2000001A, dwRes is 2000001A.  
08.12.2009    16:50:30    1260287430    SYSTEM    1280    Function setifaceUpdatePackages() has failed. Return code is 0x2000001A, dwRes is 2000001A.  
08.12.2009    18:16:09    1260292569    ******    3216    Function setifaceUpdatePackages() has failed. Return code is 0x2000001A, dwRes is 2000001A.  
08.12.2009    18:16:52    1260292612    ******    3220    Function setifaceUpdatePackages() has failed. Return code is 0x2000001A, dwRes is 2000001A.  
23.12.2009    21:44:22    1261601062    SYSTEM    1284    AAVM - scanning warning: x_AavmCheckFileDirectEx: hxxp://download.microsoft.com/download/A/E/1/ae1fd3f4-3d97-4d69-97b0-620e9cecb5ab/Happiness%20Factory_Windows7.themepack (C:\Windows\TEMP\_avast4_\unp7685161.tmp) returning error, 00000026.  
31.12.2009    17:05:45    1262275545    SYSTEM    1268    AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\*****\AppData\Roaming\Winamp\Plugins\ml\rss.xml (C:\Users\******\AppData\Roaming\Winamp\Plugins\ml\rss.xml) returning error, 00000005.  
01.02.2010    21:38:22    1265056702    SYSTEM    1228    AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\WerFault.exe (C:\Windows\System32\WerFault.exe) returning error, 0000A413.  
01.04.2010    13:42:49    1270122169    SYSTEM    1380    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
06.06.2010    20:28:05    1275848885    SYSTEM    1256    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
29.06.2010    22:51:03    1277844663    SYSTEM    1244    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
15.07.2010    23:54:32    1279230872    SYSTEM    1164    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
28.07.2010    11:20:53    1280308853    SYSTEM    1164    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
05.08.2010    20:56:00    1281034560    SYSTEM    1168    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
07.08.2010    23:51:47    1281217907    SYSTEM    1176    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
09.08.2010    04:08:24    1281319704    SYSTEM    1180    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
22.08.2010    10:01:09    1282464069    SYSTEM    1260    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
30.08.2010    20:56:38    1283194598    SYSTEM    1252    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
09.09.2010    14:52:52    1284036772    SYSTEM    1252    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
11.09.2010    06:41:15    1284180075    SYSTEM    1252    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
12.09.2010    15:31:52    1284298312    SYSTEM    1268    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
13.09.2010    11:48:13    1284371293    SYSTEM    1160    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
15.09.2010    08:59:14    1284533954    SYSTEM    1256    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
19.09.2010    12:11:12    1284891072    SYSTEM    1240    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
26.09.2010    01:24:15    1285457055    SYSTEM    1248    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
27.09.2010    06:22:42    1285561362    SYSTEM    1252    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
29.09.2010    08:02:40    1285740160    SYSTEM    1280    AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\******\AppData\Roaming\skypePM\2010-09-29-1.ezlog (C:\Users\******\AppData\Roaming\skypePM\2010-09-29-1.ezlog) returning error, 00000005.  
01.10.2010    17:50:15    1285948215    SYSTEM    1252    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
04.10.2010    09:10:03    1286176203    SYSTEM    1236    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
09.10.2010    22:17:11    1286655431    SYSTEM    1244    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
05.11.2010    13:18:02    1288959482    SYSTEM    1228    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    13:18:02    1288959482    SYSTEM    1228    An error has occured while attempting to update. Please check the logs.  
05.11.2010    14:45:01    1288964701    ******    2960    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:55:27    1288965327    SYSTEM    1268    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:55:38    1288965338    SYSTEM    1268    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:55:38    1288965338    SYSTEM    1268    An error has occured while attempting to update. Please check the logs.  
05.11.2010    14:56:17    1288965377    ******    372    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:58:50    1288965530    SYSTEM    1256    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:59:01    1288965541    SYSTEM    1256    Function setifaceUpdatePackages() has failed. Return code is 0x20000006, dwRes is 20000006.  
05.11.2010    14:59:01    1288965541    SYSTEM    1256    An error has occured while attempting to update. Please check the logs.  
05.11.2010    15:03:35    1288965815    ******    1352    Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.  
05.11.2010    15:26:09    1288967169    ******    1352    Sign of "Win32:Malware-gen" has been found in "C:\Users\*****\AppData\Local\Temp\mstsc.exe" file.  
12.11.2010    07:01:09    1289541669    SYSTEM    1232    Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.  
16.11.2010    11:45:18    1289904318    SYSTEM    1264    Sign of "HTML:Script-inf" has been found in "hxxp://www.terra-jungle.de/index2.php?page=shop.product_details&flypage=flypage.tpl&product_id=145&category_id=40&option=com_virtuemart&Itemid=53&vmcchk=1&Itemid=53&pop=1&tmpl=component" file.  
24.11.2010    23:07:37    1290636457    ******    1776    Sign of "Win32:Malware-gen" has been found in "C:\Users\******\AppData\Local\Temp\mstsc.exe" file.
         
Zu Problemlösungen sind zwar Beiträge hier im Forum, leider hatten die Probleme mit Ihrem System(auch andere Viren), was aber bei mir nicht der Fall war/ist.

Wiederum war auch die rede von nur einer Fehlermeldung.

Ich bin jetzt etwas im unklaren und wäre für Hilfestellung dankbar.

"EDIT" Bitte in den richtigen Bereich verschieben, sorry und Danke!

MfG

hier noch die logfiel von OTL

Code:
ATTFilter
OTL Extras logfile created on: 25.11.2010 22:59:40 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\*****\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 218,87 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 577,47 Gb Free Space | 90,44% Space Free | Partition Type: NTFS
 
Computer Name: ******-PC | User Name: ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{A9513BBC-73B4-4856-BF83-0166523ABF09}" = 64 Bit HP CIO Components Installer
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{CC7D4CC8-FE90-17E2-FAC6-3D14C93DCE09}" = AMD Drag and Drop Transcoding
"{D9B52C63-4209-7129-BF10-FA5DCD38579E}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{1B3B5C60-70B8-F022-5497-03FD2772586C}" = CCC Help Greek
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{278AD90C-D27D-AA89-58DF-AD13852D51CA}" = CCC Help Spanish
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2CDBFF1A-6433-E94D-CA25-831FDB9775E9}" = CCC Help Italian
"{31DED885-1124-0E58-97FB-73E4EF692E8D}" = CCC Help Hungarian
"{32CF189D-52BB-4C1C-8F93-97E8F3CDDC95}" = Razer Habu Config
"{33B670D7-8A06-DA5B-0341-5630D1E12007}" = ccc-core-static
"{38D65ABC-A00B-6E13-2EF3-826CFC8CFC14}" = CCC Help French
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4325A0-43CD-10D1-64F6-BD2F90DCB756}" = Catalyst Control Center Graphics Previews Vista
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{51942928-CA56-4A3D-8A3D-60731B528E35}" = TurboV Remote
"{5774B4C1-8579-D5D9-8D38-A0CE32B6736C}" = CCC Help German
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5D19BB0D-9B04-5B85-9295-4E11BCB1C2C3}" = CCC Help Polish
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}" = LOST PLANET COLONIES
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{75794DD1-5D69-4E33-A141-C3D4B0724C71}" = Catalyst Control Center Graphics Previews Common
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E8454B5F-4122-864C-002D-31F878D2CBF4}" = CCC Help English
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F0E6252F-8DC2-B508-D412-1C427CDB3448}" = CCC Help Portuguese
"{FE4466A3-76B3-A9F4-9B22-150D6F8B4647}" = Catalyst Control Center Localization All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Crossfading" = Advanced Crossfading 1.7.6.1180
"avast!" = avast! Antivirus
"Blitzkrieg 2" = Blitzkrieg 2
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"EA Download Manager" = EA Download Manager
"EADM" = EA Download Manager
"FXCM Trading Station" = FXCM Trading Station
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MozBackup" = MozBackup 1.4.9
"Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4)
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"Streamripper" = Streamripper (Remove only)
"VLC media player" = VLC media player 1.1.4
"Warcraft III" = Warcraft III
"Winamp" = Winamp
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Anwendungserkennung
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 24.11.2010 17:36:00 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
 chestOpenList() failed: 2147422219.  
 
Error - 24.11.2010 17:36:19 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
 !m_strErrorWnd.IsEmpty().  
 
Error - 24.11.2010 17:37:32 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.  
 
Error - 24.11.2010 17:37:32 | Computer Name = *******-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
 chestOpenList() failed: 2147422219.  
 
Error - 24.11.2010 17:37:38 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
 !m_strErrorWnd.IsEmpty().  
 
Error - 24.11.2010 17:41:51 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.  
 
Error - 24.11.2010 17:41:51 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
 chestOpenList() failed: 2147422219.  
 
Error - 24.11.2010 17:41:53 | Computer Name = *****-PC | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
 !m_strErrorWnd.IsEmpty().  
 
Error - 24.11.2010 17:46:47 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = Internal error has occurred in module aswar scan function failed!,
 function 00000002.  
 
Error - 24.11.2010 18:08:02 | Computer Name = ******-PC | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.  
 
[ Application Events ]
Error - 18.11.2010 05:54:17 | Computer Name = *******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 20.11.2010 17:48:26 | Computer Name = *******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 20.11.2010 17:48:33 | Computer Name = *******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 22.11.2010 12:51:43 | Computer Name = *******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 22.11.2010 12:51:50 | Computer Name = ******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 23.11.2010 15:41:01 | Computer Name = ******-PC | Source = Application Hang | ID = 1002
Description = Programm winamp.exe, Version 5.5.8.2985 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 190    Startzeit: 
01cb8b45998451a2    Endzeit: 46    Anwendungspfad: D:\Program Files (x86)\Winamp\winamp.exe
 
Berichts-ID:
 8c247f84-f739-11df-822d-90e6ba105e4b  
 
Error - 24.11.2010 08:40:44 | Computer Name = ******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 24.11.2010 08:40:50 | Computer Name = ******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 25.11.2010 13:54:08 | Computer Name = *****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 25.11.2010 13:54:15 | Computer Name = ******-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files
 (x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
[ System Events ]
Error - 25.11.2010 16:15:54 | Computer Name = ******-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = ******-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = ******-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = ******-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:15:54 | Computer Name = *******-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 25.11.2010 16:59:19 | Computer Name = ******-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 HP CUE DeviceDiscovery Service erreicht.
 
Error - 25.11.2010 16:59:19 | Computer Name = *******-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 25.11.2010 22:59:40 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Andreas\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 218,87 Gb Free Space | 74,73% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 577,47 Gb Free Space | 90,44% Space Free | Partition Type: NTFS
 
Computer Name: *****-PC | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\*****\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - d:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Programme\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - D:\Program Files (x86)\Razer\Habu\razerhid.exe ()
PRC - D:\Program Files (x86)\Razer\Habu\razertra.exe ()
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - D:\Program Files (x86)\Razer\Habu\razerofa.exe (Razer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\******\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (avast! Antivirus) -- d:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- d:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (ALWIL Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (HabuFltr) -- C:\Windows\SysNative\drivers\habu.sys (Razer (Asia-Pacific) Pte Ltd)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\Windows\SysNative\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E7 6A 03 BA C6 74 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.03.06 17:06:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.20 18:02:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.09.20 18:02:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2010.09.20 18:02:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast!] d:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Habu] D:\Program Files (x86)\Razer\Habu\razerhid.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.25 22:56:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe
[2010.11.25 00:03:43 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2010.11.25 00:03:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.25 00:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.25 00:03:34 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.06 18:54:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2010.11.06 18:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.10.27 06:09:29 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.10.27 06:09:29 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.10.27 06:09:29 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.10.27 06:09:29 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.10.27 06:09:28 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.10.27 06:09:28 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.10.27 06:09:28 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.10.27 06:09:22 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.25 22:56:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2010.11.25 22:06:29 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 22:06:29 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 22:03:28 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.25 22:03:28 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.25 22:03:28 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.25 22:03:28 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.25 22:03:28 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.25 21:59:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.25 21:59:05 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.25 00:03:38 | 000,000,686 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 23:58:45 | 000,000,299 | ---- | M] () -- C:\Users\*****\default.htm
[2010.11.24 21:00:46 | 000,024,064 | ---- | M] () -- C:\Users\*****\Documents\Hallo Hermes.doc
[2010.11.21 03:56:35 | 000,234,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.11.21 03:56:35 | 000,234,280 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.17 12:04:19 | 000,001,761 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.16 10:39:55 | 000,025,088 | ---- | M] () -- C:\Users\******\Documents\Wechsel Stabilisator.doc
[2010.11.02 00:05:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
 
========== Files Created - No Company Name ==========
 
[2010.11.25 00:03:38 | 000,000,686 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 23:58:45 | 000,000,299 | ---- | C] () -- C:\Users\*****\default.htm
[2010.11.24 21:00:45 | 000,024,064 | ---- | C] () -- C:\Users\*****\Documents\Hallo Hermes.doc
[2010.11.16 10:39:54 | 000,025,088 | ---- | C] () -- C:\Users\*****\Documents\Wechsel Stabilisator.doc
[2010.03.06 18:20:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.06 17:31:13 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.03.06 17:31:13 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.03.06 17:31:10 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.03.06 17:31:10 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.03.06 17:28:05 | 000,035,572 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.03.06 17:27:41 | 000,025,476 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.12.04 14:07:56 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009.12.04 12:32:40 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.11.26 20:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
 
========== LOP Check ==========
 
[2010.08.05 23:36:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\ICQ
[2010.03.06 17:10:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Opera
[2010.03.17 15:25:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PrimoPDF
[2010.03.06 17:10:38 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Razer
[2010.03.07 00:42:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\streamripper
[2010.09.20 18:02:43 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Thunderbird
[2010.06.09 14:11:57 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\UDC Profiles
[2010.11.12 13:10:48 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         

Antwort

Themen zu spyware.passwords.xgen
0x00000001, anti-malware, appdata, avast, avast!, awareness, c:\windows, c:\windows\system32\rundll32.exe, call of duty, cleaner pro, code, dateien, error, excel.exe, explorer, forum, html, ieframe.dll, install.exe, langs, link, location, log, löschen, malwarebytes, mozilla thunderbird, netzwerklistendienst, nicht gefunden, oldtimer, opera.exe, otl logfile, otl.exe, programdata, richtlinie, roaming, saver, scan, shell32.dll, shortcut, system, system32, syswow64, temp, vdeck.exe, verdacht, viren, vlc media player, webcheck, werfault.exe, win, win32, win7



Ähnliche Themen: spyware.passwords.xgen


  1. Infektion mit spyware.passwords.ed (Scan mit malware bytes)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (15)
  2. Spyware.Passwords.XGen gefunden - gefährlich oder nicht?
    Log-Analyse und Auswertung - 13.06.2013 (20)
  3. Spyware.Passwords mal 2
    Plagegeister aller Art und deren Bekämpfung - 15.06.2012 (1)
  4. Malwarebytes findet Spyware.Passwords / 2 infizierte Registrierungsschlüssel
    Log-Analyse und Auswertung - 06.03.2012 (15)
  5. Infiziert mit Trojan.Passwords und Trojan.Banker
    Log-Analyse und Auswertung - 13.01.2012 (9)
  6. mehrere Trojaner (Spy Banker, Stolen Data, Malware Gen/Trace, Trojan Passwords, Zbot)
    Log-Analyse und Auswertung - 20.12.2011 (21)
  7. Hilfe, Spyware.Passwords.XGen
    Plagegeister aller Art und deren Bekämpfung - 13.07.2011 (3)
  8. Adware.Zwunzi, Trojan.SpyEyes, Spyware.Passwords.XGen
    Plagegeister aller Art und deren Bekämpfung - 02.04.2011 (41)
  9. Spyware.Passwords.XGen + AntiVir startet nicht
    Plagegeister aller Art und deren Bekämpfung - 10.03.2011 (22)
  10. Trojan.SpyEyes.WC, Spyware.Passwords.XGen wirklich eliminiert?
    Plagegeister aller Art und deren Bekämpfung - 04.03.2011 (5)
  11. Spyware.Passwords.XGen wurde durch Malwarebytes gefunden
    Plagegeister aller Art und deren Bekämpfung - 24.12.2010 (2)
  12. Trojan.BHO, Spyware.Passwords.XGen, Trojan.Dropper und Trojan.Agent mit Malware gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.12.2010 (9)
  13. Malware Spyware.passwords.xgen durch Malwarebyte Anti-Malware erkannt.
    Plagegeister aller Art und deren Bekämpfung - 19.12.2010 (50)
  14. Spyware.Passwords.XGen, Trojan.Dropper.PGen, Packer.Suspicious, JAVA/Agent.2212
    Plagegeister aller Art und deren Bekämpfung - 05.12.2010 (3)
  15. Spyware.passwords.xgen, TR/Dropper.Gen, DR/Delf.O.37 gefunden
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (18)
  16. Warning! Spyware detected on your computer install an antivirus or spyware remover to
    Plagegeister aller Art und deren Bekämpfung - 11.09.2008 (30)
  17. 180Solutions Spyware/, VX2 Spyware/Adware, VB and VBA Program Settings Spyware/Adware
    Log-Analyse und Auswertung - 12.07.2006 (10)

Zum Thema spyware.passwords.xgen - Hallo, nach langer Abwesenheit melde ich mich zurück. Probleme mit meinem System bestehen nicht. Auf den Verdacht das mein System belastet sein könnte, war, das in einem anderen Forum in - spyware.passwords.xgen...
Archiv
Du betrachtest: spyware.passwords.xgen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.