
Pests of all kinds and how to fight them: Windows restore


13.04.2011, 17:45   #1
Baumi88
 

Hi, I have the same problem as my predecessor and the same prerequisites (I know nothing about this stuff).
But I have now followed all of that too and got 2 txt files out of it.
How do I get this thing off again now?

13.04.2011, 17:48   #2
Baumi88
 

OTL Logfile:
Code:
OTL logfile created on: 13.04.2011 18:32:43 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.023,00 Mb Total Physical Memory | 589,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 2000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 5,85 Gb Free Space | 11,98% Space Free | Partition Type: NTFS
Drive D: | 25,70 Gb Total Space | 2,78 Gb Free Space | 10,82% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 465,76 Gb Total Space | 338,04 Gb Free Space | 72,58% Space Free | Partition Type: NTFS
 
Computer Name: BAUMI-7ZE26RTN5 | User Name: Baumi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.04.13 18:31:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\OTL.exe
PRC - [2011.04.13 16:11:54 | 000,561,152 | ---- | M] (WinSCP) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EdCcYBPEqSpTN.exe
PRC - [2010.11.05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010.08.09 15:27:06 | 000,836,464 | ---- | M] (Opera Software) -- C:\Programme\Opera\opera.exe
PRC - [2008.10.25 11:21:04 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008.10.25 11:21:02 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008.07.19 20:37:44 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008.02.28 17:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
PRC - [2008.02.18 16:29:02 | 002,221,352 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
PRC - [2007.03.16 12:45:30 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2006.08.04 09:58:34 | 000,610,304 | ---- | M] (Hama GmbH & Co KG) -- C:\Programme\Hama\Common\RaUI.exe
PRC - [2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.04.13 18:31:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\OTL.exe
MOD - [2004.08.04 00:54:28 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.11.05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2008.10.25 11:21:04 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008.10.25 11:21:02 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008.02.28 17:07:48 | 000,529,704 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2005.01.06 18:41:22 | 000,462,848 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxbxcoms.exe -- (lxbx_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.01.27 17:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009.06.03 20:41:13 | 000,022,360 | ---- | M] (Avira GmbH) [File_System | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys -- (avgntmgr)
DRV - [2009.06.03 20:41:12 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.06.03 20:41:12 | 000,045,400 | ---- | M] (Avira GmbH) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgntdd.sys -- (avgntdd)
DRV - [2008.05.02 10:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.02 10:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.02 10:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.02 10:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.19 19:46:45 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.02.12 00:15:30 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.06.27 15:42:00 | 000,207,488 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2006.01.12 20:46:28 | 000,252,928 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005.05.19 17:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2003.05.21 19:47:12 | 000,175,360 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2001.08.17 13:11:30 | 000,026,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCM4E5.SYS -- (BCM44X2)
DRV - [2001.08.17 13:11:26 | 000,054,271 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm42xx5.sys -- (BCM42XX) Broadcom iLine10(tm)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} -  File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E78313ED-E64C-451B-9B5F-8A66A8D08A64}:2.5.10.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.11 19:23:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.03.26 15:38:13 | 000,000,000 | ---D | M]
 
[2010.02.18 18:23:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Extensions
[2011.03.24 17:30:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions
[2009.09.03 16:42:19 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.11 12:05:02 | 000,000,000 | -H-D | M] (MyPlayCity Toolbar) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
[2009.10.13 18:43:34 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.21 11:54:57 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.12 21:21:39 | 000,000,000 | -H-D | M] (FireFox accelerator) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\Mozilla\Firefox\Profiles\mc3f64uz.default\extensions\{E78313ED-E64C-451B-9B5F-8A66A8D08A64}
[2011.03.24 17:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.13 18:42:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008.11.24 20:03:15 | 000,719,064 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv415.dll
[2009.09.21 12:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv522.dll
[2011.02.25 14:21:50 | 001,467,904 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv530.dll
[2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.04.13 17:23:28 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} -  File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} -  File not found
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AudioDeck] C:\Programme\VIA\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EzPrint] C:\Programme\Lexmark 7100 Series\ezprint.exe ()
O4 - HKLM..\Run: [LXBXCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.DLL ()
O4 - HKLM..\Run: [lxbxmon.exe]  File not found
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKCU..\Run: [{021B553B-5689-7986-F4C3-A28A7C6C106E}]  File not found
O4 - HKCU..\Run: [EdCcYBPEqSpTN] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EdCcYBPEqSpTN.exe (WinSCP)
O4 - HKCU..\Run: [Getdo]  File not found
O4 - HKCU..\Run: [Helper]  File not found
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Setinx]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hama Wireless LAN Utility.lnk = C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/C/8/0C8EDFAB-30BC-4792-898E-2DABE27B2C4D/mp43dmo.CAB (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} hxxp://data.myflatcast.com/data/objects/NpFv415.dll (Flatcast Viewer 4.15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {38601915-A80F-6318-45F6-18C18616178A} -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.02.02 22:03:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002.08.12 11:00:00 | 001,126,400 | -H-- | M] (Indigo Rose Corporation) - D:\autorun.exe -- [ NTFS ]
O32 - AutoRun File - [2005.02.25 18:24:44 | 000,000,051 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{192304f3-d1cc-11dc-bf92-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{192304f3-d1cc-11dc-bf92-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{192304f3-d1cc-11dc-bf92-806d6172696f}\Shell\AutoRun\command - "" = E:\Install.exe -- [2004.10.21 19:38:02 | 000,126,976 | R--- | M] (Macrovision Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.13 18:31:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\OTL.exe
[2011.04.13 18:12:52 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Recent
[2011.04.13 17:22:51 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Startmenü\Programme\SpyHunter
[2011.04.13 17:22:48 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011.04.13 17:22:47 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2011.04.13 17:20:07 | 000,692,640 | -H-- | C] (Enigma Software Group USA, LLC.) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\SpyHunter-Installer.exe
[2011.04.13 16:21:08 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Startmenü\Programme\Windows Restore
[2011.04.13 16:11:55 | 000,561,152 | ---- | C] (WinSCP) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EdCcYBPEqSpTN.exe
[2011.04.13 16:11:41 | 000,298,665 | -H-- | C] (WinSCP) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\null0.10805464985070223.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.13 18:31:30 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\OTL.exe
[2011.04.13 18:23:10 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.13 17:58:20 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.04.13 17:57:45 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.13 17:57:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.13 17:55:44 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2011.04.13 17:55:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2011.04.13 17:51:02 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2011.04.13 17:43:03 | 000,000,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18014004
[2011.04.13 17:43:02 | 000,000,128 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18014004r
[2011.04.13 17:33:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2011.04.13 17:33:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2011.04.13 17:22:51 | 000,001,985 | -H-- | M] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\SpyHunter.lnk
[2011.04.13 17:20:14 | 000,692,640 | -H-- | M] (Enigma Software Group USA, LLC.) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\SpyHunter-Installer.exe
[2011.04.13 17:17:36 | 000,000,392 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18014004
[2011.04.13 16:32:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2011.04.13 16:32:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2011.04.13 16:22:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2011.04.13 16:22:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2011.04.13 16:21:08 | 000,000,821 | -H-- | M] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Windows Restore.lnk
[2011.04.13 16:21:03 | 000,479,232 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18014004.exe
[2011.04.13 16:11:54 | 000,561,152 | ---- | M] (WinSCP) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EdCcYBPEqSpTN.exe
[2011.04.13 16:11:53 | 000,298,665 | -H-- | M] (WinSCP) -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\null0.10805464985070223.exe
[2011.04.13 05:42:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2011.04.13 05:42:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2011.04.12 22:06:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2011.04.12 22:06:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2011.04.12 16:23:09 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2011.04.12 16:23:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2011.04.12 05:40:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2011.04.12 05:40:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2011.04.11 22:30:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2011.04.11 22:30:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2011.04.11 16:58:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2011.04.11 16:58:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2011.04.11 05:43:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2011.04.11 05:43:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2011.04.10 22:07:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2011.04.10 22:07:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2011.04.10 00:17:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2011.04.10 00:17:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2011.04.09 10:52:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2011.04.09 10:52:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2011.04.09 00:25:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2011.04.09 00:25:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2011.04.08 16:36:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2011.04.08 16:36:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2011.04.08 05:50:02 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2011.04.08 05:50:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2011.04.07 22:36:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2011.04.07 22:36:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2011.04.07 17:03:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2011.04.07 17:03:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2011.04.07 05:44:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2011.04.07 05:44:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2011.04.05 20:38:46 | 000,005,675 | -H-- | M] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Hintergrund für Schönwetter.jpg
[2011.04.04 16:51:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.27 10:09:24 | 000,448,470 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.03.27 10:09:24 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.27 10:09:24 | 000,079,910 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.03.27 10:09:24 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.26 15:38:13 | 000,001,861 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2011.03.26 15:38:10 | 000,695,578 | ---- | M] () -- C:\WINDOWS\unins000.exe
[2011.03.24 18:19:16 | 000,006,148 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\.DS_Store
[2011.03.21 16:24:06 | 000,510,812 | -H-- | M] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\004.jpg
[2011.03.21 16:24:00 | 000,879,818 | -H-- | M] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\003.jpg
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.13 17:22:51 | 000,001,985 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\SpyHunter.lnk
[2011.04.13 16:21:09 | 000,000,128 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18014004r
[2011.04.13 16:21:09 | 000,000,096 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~18014004
[2011.04.13 16:21:08 | 000,000,821 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Windows Restore.lnk
[2011.04.13 16:21:05 | 000,000,392 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18014004
[2011.04.13 16:21:03 | 000,479,232 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18014004.exe
[2011.04.05 20:38:46 | 000,005,675 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Hintergrund für Schönwetter.jpg
[2011.03.24 18:18:45 | 000,006,148 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\.DS_Store
[2011.03.21 16:24:05 | 000,510,812 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\004.jpg
[2011.03.21 16:23:59 | 000,879,818 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\003.jpg
[2011.01.20 22:02:14 | 000,695,578 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011.01.20 22:02:13 | 000,001,861 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.08.22 09:51:20 | 000,000,525 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2010.08.11 19:13:28 | 000,000,299 | ---- | C] () -- C:\WINDOWS\Apache.Ini
[2010.08.10 18:20:08 | 000,116,045 | ---- | C] () -- C:\WINDOWS\unstall.exe
[2010.07.05 17:40:25 | 000,000,018 | ---- | C] () -- C:\WINDOWS\ssetup.ini
[2009.09.26 17:43:47 | 000,010,240 | -H-- | C] () -- C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.31 14:10:39 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2009.08.09 09:09:49 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.07.26 11:51:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbxvs.dll
[2009.01.04 19:47:39 | 000,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008.09.06 12:05:46 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2008.09.06 12:05:45 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2008.09.06 12:05:45 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008.08.20 09:17:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Checkers3D.INI
[2008.08.13 17:34:39 | 000,006,688 | ---- | C] () -- C:\WINDOWS\movexe.exe
[2008.07.10 09:45:28 | 000,001,372 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2008.02.29 06:14:04 | 000,223,744 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2008.02.13 21:09:49 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.02.13 21:09:45 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008.02.13 21:09:37 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.02.12 11:35:42 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2008.02.10 19:26:24 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT4.DAT
[2008.02.10 16:42:47 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.02.06 23:20:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.02.06 19:51:58 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2008.02.05 21:21:59 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.02.04 10:40:08 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.02.02 22:05:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.02.02 21:59:47 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.02.02 21:48:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.02.02 21:46:17 | 000,138,056 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.12.05 02:41:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.12.05 02:41:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2007.12.05 02:41:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.12.05 02:41:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2007.12.05 02:41:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.12.05 02:41:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.12.05 02:41:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2007.12.05 02:41:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2007.12.05 02:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.02 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003.04.02 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003.04.02 14:00:00 | 000,448,470 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2003.04.02 14:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003.04.02 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003.04.02 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2003.04.02 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003.04.02 14:00:00 | 000,079,910 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2003.04.02 14:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003.04.02 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003.04.02 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2003.04.02 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003.04.02 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003.04.02 14:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003.04.02 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

< End of report >
         


13.04.2011, 17:49   #3
Baumi88

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 13.04.2011 18:32:43 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.023,00 Mb Total Physical Memory | 589,00 Mb Available Physical Memory | 58,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1534 2000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 5,85 Gb Free Space | 11,98% Space Free | Partition Type: NTFS
Drive D: | 25,70 Gb Total Space | 2,78 Gb Free Space | 10,82% Space Free | Partition Type: NTFS
Drive E: | 3,92 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 465,76 Gb Total Space | 338,04 Gb Free Space | 72,58% Space Free | Partition Type: NTFS
 
Computer Name: BAUMI-7ZE26RTN5 | User Name: Baumi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
http [open] -- "C:\Programme\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"G:\Activision\Call of Duty - World at War\ll.exe" = G:\Activision\Call of Duty - World at War\ll.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop -- (Activision Blizzard, Inc.)
"D:\Age of Empires III\age3.exe" = D:\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3 -- (Ensemble Studios)
"G:\Call of Duty 2\CoD2MP_s.exe" = G:\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Programme\Azureus\Azureus.exe" = C:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus
"C:\Programme\Red Storm Entertainment\Rogue Spear\ROGUESPEAR.ICD" = C:\Programme\Red Storm Entertainment\Rogue Spear\ROGUESPEAR.ICD:*:Enabled:ROGUESPEAR
"G:\Azureus\Azureus.exe" = G:\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"G:\Volley\volley.exe" = G:\Volley\volley.exe:*:Enabled:volley -- ()
"C:\Programme\Wolfenstein - Enemy Territory\ET.exe" = C:\Programme\Wolfenstein - Enemy Territory\ET.exe:*:Disabled:ET
"C:\Programme\Tale of Tales\The Endless Forest 3\ForestViewer.exe" = C:\Programme\Tale of Tales\The Endless Forest 3\ForestViewer.exe:*:Disabled:ForestViewer
"C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Azureus\Azureus.exe" = C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Desktop\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Quake III Arena\quake3.exe" = C:\Programme\Quake III Arena\quake3.exe:*:Enabled:quake3
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Lokale Einstellungen\Temp\Rar$EX06.984\volley.exe" = C:\Dokumente und Einstellungen\Baumi.BAUMI-7ZE26RTN5\Lokale Einstellungen\Temp\Rar$EX06.984\volley.exe:*:Enabled:volley
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AC49543-9CE2-4434-AD42-5AA6E2967FA5}" = Windows Live Toolbar
"{135D3939-F9CD-4520-A008-9C4B852A2DBC}" = OneCare Advisor (Windows Live Toolbar)
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}" = EA.com Matchup
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3353CA25-78CC-4321-B67C-16F2933DC94B}" = Browsen mit Registerkarten (Windows Live Toolbar)
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41EBC322-660F-4D16-A0DF-53147210CBDB}" = SpyHunter
"{452473D3-1D26-4E61-8060-3B216620D60C}_is1" = Fahren Lernen Offline 1.1
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61
"{7677634B-E04E-4D2A-89CE-C6EF2370B498}" = Popupblocker (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80A97464-A741-44B0-8AD6-0C16B1FEF7F6}" = Norton Security Scan
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A63B9CF1-8BBA-4E13-9CF2-B76255911031}" = Nero 8 Trial
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DE3FCA5F-7B8A-482B-89A9-CC9BD5F656A1}" = UEFA EURO 2008™
"{E52382DC-2E7A-439D-8ECE-A27D8B816645}" = BVE 4
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Hama Wireless LAN Adapter
"{EBA672FF-F80E-48B1-8FC4-616825318810}" = Feederkennung (Windows Live Toolbar)
"{EFD8E454-EE12-402A-BFC1-7EA096599CBA}" = Windows Live Outlook-Toolbar (Windows Live Toolbar)
"18 WoS Extreme Trucker" = 18 WoS Extreme Trucker 1.01
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2004
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AskTBar Uninstall" = Ask Toolbar
"Azureus" = Azureus
"Burn4Free" = Burn4Free CD and DVD
"BySoft FreeRAM" = BySoft FreeRAM 4.0
"Desperados 1.0" = Desperados 1.0
"Direct MP3 Joiner_is1" = Direct MP3 Joiner 2.4
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Euro Truck Simulator" = Euro Truck Simulator 1.00
"FarmingSimulator2008_is1" = Landwirtschafts Simulator 2008
"Fishing Simulator 2_is1" = Fishing Simulator 2
"Flatcast_is1" = Flatcast Viewer Plugin 5.3.0.717
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Ram Optimizer XP_is1" = Free Ram Optimizer XP 1.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FUSSBALL MANAGER 08" = FUSSBALL MANAGER 08
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"getPlus(R)_ocx" = getPlus(R)_ocx
"Glest_is1" = Glest 3.2.2
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Happyville" = Happyville
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Lexmark 7100 Series" = Lexmark 7100 Series
"Maniac Mansion Deluxe" = Maniac Mansion Deluxe
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"MyPlayCity Toolbar" = MyPlayCity Toolbar
"Net2Day - Angeln 1.0" = Net2Day - Angeln 1.0
"NVIDIA Drivers" = NVIDIA Drivers
"Patrimonium_is1" = Patrimonium Akt 1+2
"PokerStars.net" = PokerStars.net
"Ports Of Call Classic Edition DEMO - astragon 1.2.7 " = Ports Of Call Classic Edition DEMO - astragon 1.2.7 
"PunkBusterSvc" = PunkBuster Services
"ST6UNST #1" = Der Restaurant-Manager 1.5  Vollversion.de Edition
"ST6UNST #2" = Der Restaurant-Manager 1.5  Vollversion.de Edition (C:\Programme\RestaurantManager\)
"TamagotchiSimulator2.5" = Tamagotchi Simulator 2.5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Warlike Flyboys - WW3_is1" = Warlike Flyboys - WW3
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR archiver
"ZSNES_is1" = ZSNES (a FREE GNU licensed SNES Famicom Game Emulator) version 
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.03.2011 00:16:18 | Computer Name = BAUMI-7ZE26RTN5 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x10002bc0.
 
Error - 26.03.2011 12:32:02 | Computer Name = BAUMI-7ZE26RTN5 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung manager08.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul manager08.exe, Version 0.0.0.0, Fehleradresse 0x0099dfd9.
 
Error - 13.04.2011 11:26:35 | Computer Name = BAUMI-7ZE26RTN5 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 13.04.2011 11:26:35 | Computer Name = BAUMI-7ZE26RTN5 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
[ System Events ]
Error - 13.04.2011 11:22:27 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:28 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:30 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:32 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:34 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:36 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:38 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:39 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:41 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
Error - 13.04.2011 11:22:43 | Computer Name = BAUMI-7ZE26RTN5 | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\D.
 
 
< End of report >
         

13.04.2011, 17:56   #4
Shadow
/// Mr. Schatten

I have moved your posts, because firstly you had posted in the wrong subforum and secondly into someone else's thread. You apparently did not read the terms of use you just accepted very carefully.
Please describe your problem once more, clearly and in line with the forum guidelines.
Thanks
__________________
all tips + help from all helpers are given without warranty + liability
no help via PM
this is a forum, everyone can benefit/check - nobody is infallible
a tendency to observe the spelling rules increases the probability of an answer
-


13.04.2011, 19:07   #5
Baumi88

OK, new attempt... Since today I also have this Windows restore trojan on my machine. Error messages along the lines of "Hard Drive Failure" keep popping up here, and almost all the icons have disappeared from my desktop as well. I have now also tried this OTL, but unfortunately I have no idea what I should do next.

