Trojaner-Board


conweb 29.06.2011 13:27

Metropolitan Police virus on my machine too

Hello, you helpful angels!
The Metropolitan Police virus has hit me too. After searching the board I ran a scan with OTL as described. Unfortunately I'm not much of a computer whiz :crazy: Hopefully you can help me. Many thanks in advance! Conny

markusg 29.06.2011 13:33

Hi, you did manage to create the log, so your skills aren't that bad at all :-)

On your second PC, go to Start, Programs, Accessories, Notepad, and paste the following into it:

Code:

:OTL
O20 - HKU\Conny_ON_I Winlogon: Shell - (C:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe) - I:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe (BitDefender)
:Files
I:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

Save this to a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in my post on OTLPENet.exe.
• Now please click the Fix button.
A message similar to "load fix from file" should now appear, so load the fix.txt from your stick.
If that doesn't work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open the otl.txt.
Please post the log.


Open Computer, open C:, then _OTL.
There, right-click on moved files.
Choose "Add to moved files.rar" or zip.
http://www.trojaner-board.de/54791-a...ner-board.html

conweb 29.06.2011 13:42

Hello Markus, you're quick!
Here's the problem: the infected computer doesn't recognize my USB stick, or rather it doesn't show up anywhere. But thanks to your great CD I can get on the internet with it. Should I just copy your fix into this Custom Scans/Fixes window in OTL, would that work too? Unfortunately I also couldn't find your post on OTLPE. Do you have a link so I know what I need to tick? Thanks!

conweb 29.06.2011 14:05

Yay, my Windows is back! However, no otl.txt opened by itself after the restart. I'll paste in the one I found on C:, I hope it's the right one. I did the step of adding moved files to a rar. The folder still exists, though. Should I delete it now?
OTL Logfile:
Code:

OTL logfile created on: 6/29/2011 3:15:49 PM - Run
OTLPE by OldTimer - Version 3.1.46.0    Folder = X:\Programs\OTLPE
Windows 7 Ultimate  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files
Drive C: | 100.00 Mb Total Space | 65.70 Mb Free Space | 65.70% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 138.57 Gb Free Space | 59.50% Space Free | Partition Type: NTFS
Drive I: | 97.56 Gb Total Space | 47.18 Gb Free Space | 48.37% Space Free | Partition Type: NTFS
Drive J: | 368.10 Gb Total Space | 251.68 Gb Free Space | 68.37% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - (AVGIDSAgent) -- I:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- I:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Stereo Service) -- I:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SandraAgentSrv) -- I:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe (SiSoftware)
SRV - (SensrSvc) -- I:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- I:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- I:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxdu_device) -- I:\Windows\System32\lxducoms.exe ( )
SRV - (lxduCATSCustConnectService) -- I:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AVGIDSDriver) -- I:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- I:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- I:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- I:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- I:\Windows\System32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- I:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- I:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- I:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AnyDVD) -- I:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (sptd) -- I:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvlddmkm) -- I:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) -- I:\Program Files\CyberLink\PowerDVD8\000.fcl (CyberLink Corp.)
DRV - (vmbus) -- I:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- I:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- I:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- I:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- I:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- I:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (NVENETFD) -- I:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- I:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (ASPI) -- I:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
DRV - (RVIEG01) -- I:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys (Roland)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Conny_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Conny_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Conny_ON_I\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 65 1F B0 04 BB CB 01  [binary data]
IE - HKU\Conny_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Conny_ON_I\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/03 10:21:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/28 11:36:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/28 11:36:04 | 000,000,000 | ---D | M]
 
[2010/09/29 13:02:27 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Conny\AppData\Roaming\Mozilla\Extensions
[2010/09/29 13:02:27 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Conny\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2011/06/19 15:08:49 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\g3go77ss.default\extensions
[2010/09/28 16:36:14 | 000,000,000 | ---D | M] (Foxit Toolbar) -- I:\Users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\g3go77ss.default\extensions\toolbar@ask.com
[2010/12/17 09:06:16 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files\Mozilla Firefox\extensions
[2010/12/17 09:06:16 | 000,000,000 | ---D | M] (Java Console) -- I:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
File not found (No name found) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/12/17 09:06:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/28 16:05:03 | 000,075,208 | ---- | M] (Foxit Software Company) -- I:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/03/19 04:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- I:\Program Files\Mozilla Firefox\plugins\npmieze.dll
[2010/09/14 17:32:39 | 000,001,392 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/09/14 17:32:39 | 000,002,344 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/11/14 10:50:53 | 000,000,143 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\foxsearch.src
[2010/09/14 17:32:39 | 000,006,805 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/09/14 17:32:39 | 000,001,178 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/09/14 17:32:39 | 000,001,105 | ---- | M] () -- I:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - I:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - I:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - I:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\Conny_ON_I\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - I:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG_TRAY] I:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [lxduamon] I:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] I:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKU\LocalService_ON_I..\RunOnce: [mctadmin] I:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_I..\RunOnce: [mctadmin] I:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\Conny_ON_I\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: Alles mit FDM herunterladen - I:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - I:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - I:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - I:\Program Files\Free Download Manager\dlfvideo.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - I:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Conny_ON_I Winlogon: Shell - (C:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe) - I:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe (BitDefender)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - I:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - I:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - I:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/09 12:12:37 | 000,000,000 | ---D | C] -- I:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011/06/09 12:12:37 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011/06/09 12:12:37 | 000,000,000 | ---D | C] -- I:\Program Files\DVD Decrypter
[2011/06/09 11:50:51 | 000,000,000 | ---D | C] -- I:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2011/06/09 11:50:51 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011/06/09 11:50:51 | 000,000,000 | ---D | C] -- I:\Program Files\Gabest
[2011/06/09 11:50:39 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011/06/09 11:50:39 | 000,000,000 | ---D | C] -- I:\Program Files\AutoGK
[2010/10/04 11:38:21 | 000,250,544 | ---- | C] (KeyWorks Software) -- I:\Program Files\Common Files\keyhelp.ocx
[2010/09/28 15:28:08 | 000,438,272 | ---- | C] ( ) -- I:\Windows\System32\LXDUhcp.dll
[2010/09/28 15:28:07 | 001,069,056 | ---- | C] ( ) -- I:\Windows\System32\lxduserv.dll
[2010/09/28 15:28:07 | 000,851,968 | ---- | C] ( ) -- I:\Windows\System32\lxduusb1.dll
[2010/09/28 15:28:07 | 000,651,264 | ---- | C] ( ) -- I:\Windows\System32\lxdupmui.dll
[2010/09/28 15:28:07 | 000,364,544 | ---- | C] ( ) -- I:\Windows\System32\lxduinpa.dll
[2010/09/28 15:28:07 | 000,339,968 | ---- | C] ( ) -- I:\Windows\System32\lxduiesc.dll
[2010/09/28 15:28:06 | 000,679,936 | ---- | C] ( ) -- I:\Windows\System32\lxduhbn3.dll
[2010/09/28 15:28:06 | 000,577,536 | ---- | C] ( ) -- I:\Windows\System32\lxdulmpm.dll
[2010/09/28 15:28:06 | 000,328,360 | ---- | C] ( ) -- I:\Windows\System32\lxduih.exe
[2010/09/28 15:28:05 | 000,765,952 | ---- | C] ( ) -- I:\Windows\System32\lxducomc.dll
[2010/09/28 15:28:05 | 000,594,600 | ---- | C] ( ) -- I:\Windows\System32\lxducoms.exe
[2010/09/28 15:28:05 | 000,376,832 | ---- | C] ( ) -- I:\Windows\System32\lxducomm.dll
[2010/09/28 15:28:05 | 000,369,320 | ---- | C] ( ) -- I:\Windows\System32\lxducfg.exe
[2 I:\ProgramData\*.tmp files -> I:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/19 17:16:10 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2011/06/19 16:47:12 | 000,643,628 | ---- | M] () -- I:\Windows\System32\perfh007.dat
[2011/06/19 16:47:12 | 000,606,992 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2011/06/19 16:47:12 | 000,126,188 | ---- | M] () -- I:\Windows\System32\perfc007.dat
[2011/06/19 16:47:12 | 000,103,370 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2011/06/19 16:42:58 | 2616,647,680 | -HS- | M] () -- I:\hiberfil.sys
[2011/06/19 16:39:43 | 000,014,192 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 16:39:43 | 000,014,192 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 14:57:21 | 119,179,087 | ---- | M] () -- I:\Windows\System32\drivers\AVG\incavi.avm
[2011/06/10 08:14:13 | 000,000,566 | ---- | M] () -- I:\Users\Conny\AppData\Roaming\AutoGK.ini
[2011/06/09 12:12:37 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011/06/09 11:51:23 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011/06/09 11:51:18 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011/06/09 11:50:51 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011/06/03 10:21:24 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/06/02 13:48:47 | 000,000,650 | ---- | M] () -- I:\Users\Conny\AppData\Roaming\burnaware.ini
[2 I:\ProgramData\*.tmp files -> I:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/09 11:52:04 | 000,000,566 | ---- | C] () -- I:\Users\Conny\AppData\Roaming\AutoGK.ini
[2011/05/16 14:13:46 | 000,004,608 | ---- | C] () -- I:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/16 13:52:34 | 000,033,019 | ---- | C] () -- I:\Windows\System32\CoreAAC-uninstall.exe
[2011/01/17 12:45:03 | 000,000,034 | ---- | C] () -- I:\Windows\cdplayer.ini
[2011/01/06 17:28:49 | 000,000,038 | ---- | C] () -- I:\Windows\avisplitter.ini
[2011/01/06 17:28:48 | 000,819,200 | ---- | C] () -- I:\Windows\System32\xvidcore.dll
[2011/01/06 17:28:48 | 000,180,224 | ---- | C] () -- I:\Windows\System32\xvidvfw.dll
[2011/01/06 17:28:48 | 000,085,504 | ---- | C] () -- I:\Windows\System32\ff_vfw.dll
[2010/12/20 20:44:47 | 000,005,052 | ---- | C] () -- I:\ProgramData\etgxespc.rpo
[2010/12/20 20:44:47 | 000,004,963 | ---- | C] () -- I:\ProgramData\hnbdehzc.pfe
[2010/12/20 15:47:07 | 000,027,648 | ---- | C] () -- I:\Windows\System32\AVSredirect.dll
[2010/12/15 09:18:31 | 001,064,896 | ---- | C] () -- I:\Windows\System32\BDHDCopyHelper.dll
[2010/12/15 09:18:31 | 000,135,168 | ---- | C] () -- I:\Windows\System32\VERSI0N.dll
[2010/12/15 07:41:37 | 000,000,266 | ---- | C] () -- I:\Windows\lgfwup.ini
[2010/12/15 07:24:35 | 000,000,040 | -HS- | C] () -- I:\ProgramData\.zreglib
[2010/12/07 12:11:09 | 000,000,650 | ---- | C] () -- I:\Users\Conny\AppData\Roaming\burnaware.ini
[2010/09/29 11:32:55 | 000,000,000 | ---- | C] () -- I:\ProgramData\sandra.mda
[2010/09/28 15:31:43 | 000,360,448 | ---- | C] () -- I:\Windows\System32\lxducoin.dll
[2010/09/28 15:31:13 | 000,040,960 | ---- | C] () -- I:\Windows\System32\lxduvs.dll
[2010/09/28 15:30:38 | 001,036,288 | ---- | C] () -- I:\Windows\System32\lxdudrs.dll
[2010/09/28 15:30:38 | 000,081,920 | ---- | C] () -- I:\Windows\System32\lxducaps.dll
[2010/09/28 15:30:38 | 000,069,632 | ---- | C] () -- I:\Windows\System32\lxducnv4.dll
[2010/09/28 15:30:24 | 000,045,056 | ---- | C] () -- I:\Windows\System32\LXDUPMON.DLL
[2010/09/28 15:30:24 | 000,032,768 | ---- | C] () -- I:\Windows\System32\LXDUFXPU.DLL
[2010/09/28 15:30:04 | 000,086,016 | ---- | C] () -- I:\Windows\System32\lxduoem.dll
[2010/09/28 15:29:00 | 000,000,044 | ---- | C] () -- I:\Windows\System32\lxdurwrd.ini
[2010/09/28 15:28:08 | 000,389,120 | ---- | C] () -- I:\Windows\System32\LXDUinst.dll
[2010/09/28 15:28:06 | 000,208,896 | ---- | C] () -- I:\Windows\System32\lxdugrd.dll
[2009/11/09 00:50:28 | 001,945,088 | ---- | C] () -- I:\Windows\System32\avcodec.dll
[2009/11/09 00:50:28 | 000,219,136 | ---- | C] () -- I:\Windows\System32\avformat.dll
[2009/11/09 00:50:28 | 000,022,528 | ---- | C] () -- I:\Windows\System32\avutil.dll
[2009/07/14 04:47:43 | 000,643,628 | ---- | C] () -- I:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- I:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,126,188 | ---- | C] () -- I:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- I:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,304,688 | ---- | C] () -- I:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,606,992 | ---- | C] () -- I:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- I:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,103,370 | ---- | C] () -- I:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- I:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- I:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- I:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- I:\Windows\System32\PrintBrmUi.exe
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- I:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- I:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\System32\mlang.dat
[2002/10/15 18:54:04 | 000,153,088 | ---- | C] () -- I:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2010/09/28 15:30:03 | 000,000,000 | ---D | M] -- I:\ProgramData\5600-6600 Series
[2010/10/18 10:53:43 | 000,000,000 | ---D | M] -- I:\ProgramData\Ableton
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten
[2011/05/11 09:02:21 | 000,000,000 | ---D | M] -- I:\ProgramData\Application Data
[2010/09/28 12:02:49 | 000,000,000 | ---D | M] -- I:\ProgramData\AVG10
[2010/12/15 09:18:32 | 000,000,000 | ---D | M] -- I:\ProgramData\BDHDCopyHelper
[2010/11/14 10:21:00 | 000,000,000 | ---D | M] -- I:\ProgramData\Canneverbe Limited
[2010/09/28 12:02:33 | 000,000,000 | -H-D | M] -- I:\ProgramData\Common Files
[2010/10/18 10:42:37 | 000,000,000 | ---D | M] -- I:\ProgramData\DAEMON Tools Lite
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten
[2011/01/06 15:24:16 | 000,000,000 | ---D | M] -- I:\ProgramData\FreeDownloadManager.ORG
[2010/12/22 19:32:03 | 000,000,000 | ---D | M] -- I:\ProgramData\ID3-TagIT 3
[2010/12/15 08:41:24 | 000,000,000 | ---D | M] -- I:\ProgramData\LightScribe
[2010/11/08 13:09:17 | 000,000,000 | ---D | M] -- I:\ProgramData\Line 6
[2011/05/25 09:27:26 | 000,000,000 | ---D | M] -- I:\ProgramData\Lx_cats
[2011/05/08 15:57:30 | 000,000,000 | ---D | M] -- I:\ProgramData\MFAData
[2010/12/15 07:25:51 | 000,000,000 | ---D | M] -- I:\ProgramData\SlySoft
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü
[2010/12/15 07:41:50 | 000,000,000 | ---D | M] -- I:\ProgramData\TEMP
[2010/10/20 10:21:19 | 000,000,000 | ---D | M] -- I:\ProgramData\Toontrack
[2010/09/28 10:49:01 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen
[2010/09/29 13:12:02 | 000,000,000 | ---D | M] -- I:\ProgramData\WindSolutions
[2010/09/29 11:19:33 | 000,000,000 | ---D | M] -- I:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/04/07 11:14:39 | 000,032,630 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 140 bytes -> I:\ProgramData\TEMP:30FD0CBD
< End of report >

--- --- ---
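The O20 Winlogon Shell line in the log above is the entry markusg's fix targets. As an added example that is not part of the thread or of OTL, the following Python check parses O20 lines in the format shown in that log and flags a Shell value that is not explorer.exe; the function names and the list of user-writable directories are assumptions, and the sample lines are copied from the log posted in this thread.

```python
import ntpath
import re

# Four O20 lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Conny_ON_I Winlogon: Shell - (C:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe) - I:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe (BitDefender)
"""

# Layout of an O20 line: hive, value name, (configured data), resolved file.
O20_RE = re.compile(
    r"^O20 - (?P<hive>HK.+?) Winlogon: (?P<value>\w+) - "
    r"\((?P<configured>.*?)\) -\s+(?P<resolved>.*)$"
)
# An optional trailing "(Company)" follows the resolved path.
COMPANY_RE = re.compile(r"^(?P<path>.*?)(?: \((?P<company>[^()]*)\))?$")

# Assumption for this example: directories a normal user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\")


def parse_o20(line):
    """Return a dict for an O20 Winlogon line, or None for any other line."""
    match = O20_RE.match(line.strip())
    if not match:
        return None
    entry = match.groupdict()
    tail = COMPANY_RE.match(entry.pop("resolved").strip())
    entry["path"] = tail.group("path")
    # The company string comes from the file's own version resource, so the
    # file's author chose it. It is reported but never used to clear an entry.
    entry["company"] = tail.group("company")
    return entry


def shell_findings(entry):
    """Return the reasons a Winlogon Shell entry deserves a closer look."""
    if entry["value"].lower() != "shell":
        return []
    reasons = []
    configured = entry["configured"].strip().strip('"')
    # ntpath handles Windows separators even when this runs on Linux.
    if ntpath.basename(configured).lower() != "explorer.exe":
        reasons.append("shell is not explorer.exe")
    if any(part in configured.lower() for part in USER_WRITABLE):
        reasons.append("shell runs from a user-writable directory")
    if entry["hive"].upper().startswith("HKU"):
        reasons.append("per-user Shell value overrides the machine-wide one")
    return reasons


def review(log_text):
    """Return (entry, reasons) for every flagged O20 line in an OTL log."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o20(line)
        if entry is None:
            continue
        reasons = shell_findings(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in review(SAMPLE_LOG):
        print(entry["hive"], "->", entry["configured"])
        print("  company field (untrusted):", entry["company"])
        for reason in reasons:
            print("  -", reason)
```

Only the HKU line is flagged; its company field reads BitDefender, which is why the check ignores that field.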

markusg 29.06.2011 14:14

Hi, just start OTL the same way as at the beginning.
In the program you have an empty field where you can enter text, right?
Just copy my script in there and click Fix, then it gets going.

conweb 29.06.2011 14:20

Everything worked. I uploaded the .rar file to the upload channel. What happens next?

conweb 29.06.2011 14:27

I have now run OTL again. Here is the log file:
OTL Logfile:
Code:

OTL logfile created on: 29.06.2011 16:25:48 - Run
OTLPE by OldTimer - Version 3.1.46.0    Folder = C:\
Windows 7 Ultimate  (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 47,21 Gb Free Space | 48,39% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 251,68 Gb Free Space | 68,37% Space Free | Partition Type: NTFS
Drive J: | 232,88 Gb Total Space | 138,57 Gb Free Space | 59,50% Space Free | Partition Type: NTFS
 
Computer Name: CONNY-PC | User Name: Conny
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.04.18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.04.03 16:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.08.10 14:19:30 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.05.23 14:58:34 | 000,594,600 | ---- | M] ( ) [Auto] -- C:\Windows\System32\lxducoms.exe -- (lxdu_device)
SRV - [2008.05.23 14:58:22 | 000,098,984 | ---- | M] () [Auto] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -- (lxduCATSCustConnectService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (asfd3vbq)
DRV - [2011.04.14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.04.05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.03.16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.03.01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.02.22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011.02.10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.02.10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.01.07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.12.01 21:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.10.18 16:43:49 | 000,691,696 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.04.04 00:55:31 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.08.28 19:36:24 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/12/15 12:39:51] [Kernel | Auto] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.28 23:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2002.07.17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2001.04.13 19:16:38 | 000,187,992 | ---- | M] (Roland) [Kernel | Auto] -- C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys -- (RVIEG01)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 65 1F B0 04 BB CB 01  [binary data]
IE - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.06.29 16:02:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.28 17:36:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.28 17:36:04 | 000,000,000 | ---D | M]
 
[2010.09.29 19:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Extensions
[2010.09.29 19:02:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.06.29 16:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Conny\AppData\Roaming\mozilla\Firefox\Profiles\g3go77ss.default\extensions
[2010.09.28 22:36:14 | 000,000,000 | ---D | M] (Foxit Toolbar) -- C:\Users\Conny\AppData\Roaming\mozilla\Firefox\Profiles\g3go77ss.default\extensions\toolbar@ask.com
[2010.12.17 15:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.17 15:06:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.06.29 16:02:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.01.06 21:24:16 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2010.12.17 15:06:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.28 22:05:03 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.03.19 10:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\Mozilla Firefox\plugins\npmieze.dll
[2010.09.14 23:32:39 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 23:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.11.14 16:50:53 | 000,000,143 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\foxsearch.src
[2010.09.14 23:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.14 23:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.14 23:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ()
O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4211333886-3884336403-158737929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\S-1-5-21-4211333886-3884336403-158737929-1000 Winlogon: Shell - (C:\Users\Conny\AppData\Local\Temp\0.4776353270091912.exe) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.29 21:50:56 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011.06.29 21:50:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.09 18:12:37 | 000,000,000 | ---D | C] -- C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011.06.09 18:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011.06.09 18:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter
[2011.06.09 17:50:51 | 000,000,000 | ---D | C] -- C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.06.09 17:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.06.09 17:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Gabest
[2011.06.09 17:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011.06.09 17:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\AutoGK
[2010.10.04 17:38:21 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files\Common Files\keyhelp.ocx
[2010.09.28 21:28:08 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDUhcp.dll
[2010.09.28 21:28:07 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxduserv.dll
[2010.09.28 21:28:07 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxduusb1.dll
[2010.09.28 21:28:07 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdupmui.dll
[2010.09.28 21:28:07 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxduinpa.dll
[2010.09.28 21:28:07 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxduiesc.dll
[2010.09.28 21:28:06 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxduhbn3.dll
[2010.09.28 21:28:06 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdulmpm.dll
[2010.09.28 21:28:06 | 000,328,360 | ---- | C] ( ) -- C:\Windows\System32\lxduih.exe
[2010.09.28 21:28:05 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxducomc.dll
[2010.09.28 21:28:05 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxducoms.exe
[2010.09.28 21:28:05 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxducomm.dll
[2010.09.28 21:28:05 | 000,369,320 | ---- | C] ( ) -- C:\Windows\System32\lxducfg.exe
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.29 16:02:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011.06.29 16:00:48 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.29 16:00:48 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.29 16:00:04 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.29 16:00:04 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.29 16:00:04 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.29 16:00:04 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.29 15:59:39 | 120,337,785 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.06.29 15:55:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.29 15:55:38 | 2616,647,680 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.10 14:14:13 | 000,000,566 | ---- | M] () -- C:\Users\Conny\AppData\Roaming\AutoGK.ini
[2011.06.09 18:12:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011.06.09 17:51:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoGK
[2011.06.09 17:51:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2011.06.09 17:50:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
[2011.06.02 19:48:47 | 000,000,650 | ---- | M] () -- C:\Users\Conny\AppData\Roaming\burnaware.ini
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.09 17:52:04 | 000,000,566 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\AutoGK.ini
[2011.05.16 20:13:46 | 000,004,608 | ---- | C] () -- C:\Users\Conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.16 19:52:34 | 000,033,019 | ---- | C] () -- C:\Windows\System32\CoreAAC-uninstall.exe
[2011.01.17 18:45:03 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.01.06 23:28:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.06 23:28:48 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.01.06 23:28:48 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.01.06 23:28:48 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.12.21 02:44:47 | 000,005,052 | ---- | C] () -- C:\ProgramData\etgxespc.rpo
[2010.12.21 02:44:47 | 000,004,963 | ---- | C] () -- C:\ProgramData\hnbdehzc.pfe
[2010.12.20 21:47:07 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.12.15 15:18:31 | 001,064,896 | ---- | C] () -- C:\Windows\System32\BDHDCopyHelper.dll
[2010.12.15 15:18:31 | 000,135,168 | ---- | C] () -- C:\Windows\System32\VERSI0N.dll
[2010.12.15 13:41:37 | 000,000,266 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010.12.15 13:24:35 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.07 18:11:09 | 000,000,650 | ---- | C] () -- C:\Users\Conny\AppData\Roaming\burnaware.ini
[2010.09.29 17:32:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.09.28 21:31:43 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxducoin.dll
[2010.09.28 21:31:13 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxduvs.dll
[2010.09.28 21:30:38 | 001,036,288 | ---- | C] () -- C:\Windows\System32\lxdudrs.dll
[2010.09.28 21:30:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxducaps.dll
[2010.09.28 21:30:38 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxducnv4.dll
[2010.09.28 21:30:24 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXDUPMON.DLL
[2010.09.28 21:30:24 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXDUFXPU.DLL
[2010.09.28 21:30:04 | 000,086,016 | ---- | C] () -- C:\Windows\System32\lxduoem.dll
[2010.09.28 21:29:00 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdurwrd.ini
[2010.09.28 21:28:08 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDUinst.dll
[2010.09.28 21:28:06 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdugrd.dll
[2009.11.09 06:50:28 | 001,945,088 | ---- | C] () -- C:\Windows\System32\avcodec.dll
[2009.11.09 06:50:28 | 000,219,136 | ---- | C] () -- C:\Windows\System32\avformat.dll
[2009.11.09 06:50:28 | 000,022,528 | ---- | C] () -- C:\Windows\System32\avutil.dll
[2009.07.14 10:47:43 | 000,643,628 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,126,188 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,304,688 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2011.01.23 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\5600-6600 Series
[2010.10.18 16:53:43 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Ableton
[2010.12.21 00:32:08 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\AnvSoft
[2010.09.28 18:03:00 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\AVG10
[2011.05.16 20:04:25 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\avidemux
[2010.11.14 16:21:00 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Canneverbe Limited
[2010.10.18 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\DAEMON Tools Lite
[2010.12.15 16:42:14 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.12.18 21:20:21 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Dropbox
[2010.10.12 17:35:43 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Foxit Software
[2011.06.29 16:25:56 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Free Download Manager
[2010.12.17 15:45:08 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\FreeFLVConverter
[2010.11.14 16:16:08 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\GetRightToGo
[2011.03.30 20:26:06 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\gtk-2.0
[2010.12.15 12:30:01 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Gutscheinmieze
[2010.12.23 01:33:47 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\ID3-TagIT 3
[2010.10.10 22:03:35 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Lexmark Productivity Studio
[2010.11.08 19:24:48 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Line 6
[2010.09.28 18:41:30 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\OpenOffice.org
[2010.12.21 01:34:52 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Red Kawa
[2010.09.29 19:02:23 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\Songbird2
[2011.06.19 22:33:00 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\UseNeXT
[2010.09.29 19:12:11 | 000,000,000 | ---D | M] -- C:\Users\Conny\AppData\Roaming\WindSolutions
[2010.09.28 21:30:03 | 000,000,000 | ---D | M] -- C:\ProgramData\5600-6600 Series
[2010.10.18 16:53:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Ableton
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011.05.11 15:02:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data
[2010.09.28 18:02:49 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG10
[2010.12.15 15:18:32 | 000,000,000 | ---D | M] -- C:\ProgramData\BDHDCopyHelper
[2010.11.14 16:21:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2010.09.28 18:02:33 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2010.10.18 16:42:37 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2011.01.06 21:24:16 | 000,000,000 | ---D | M] -- C:\ProgramData\FreeDownloadManager.ORG
[2010.12.23 01:32:03 | 000,000,000 | ---D | M] -- C:\ProgramData\ID3-TagIT 3
[2010.12.15 14:41:24 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe
[2010.11.08 19:09:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Line 6
[2011.05.25 15:27:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Lx_cats
[2011.05.08 21:57:30 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2010.12.15 13:25:51 | 000,000,000 | ---D | M] -- C:\ProgramData\SlySoft
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2010.12.15 13:41:50 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2010.10.20 16:21:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Toontrack
[2010.09.28 16:49:01 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2010.09.29 19:12:02 | 000,000,000 | ---D | M] -- C:\ProgramData\WindSolutions
[2010.09.29 17:19:33 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.04.07 17:14:39 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:30FD0CBD
< End of report >

--- --- ---

markusg 29.06.2011 16:27

OK, sir.
Please create and post a ComboFix log.
A guide and tutorial on using ComboFix

conweb 29.06.2011 19:55

Unfortunately that doesn't work. ComboFix doesn't like my AVG, and I can't get it uninstalled. Is there another option?

markusg 30.06.2011 10:31

Oh yes, there is.
AVG - Download tools and utilities
AVG Remover, then a restart, then ComboFix.
We'll then replace AVG with something else.

conweb 06.07.2011 20:04

Hi guys, I had a lot going on at work last week and didn't get around to anything. Thanks a lot for the tip about the AVG Remover. Here is the ComboFix log:

Combofix Logfile:
Code:

ComboFix 11-07-06.02 - Conny 06.07.2011  20:55:53.1.2 - x86
Microsoft Windows 7 Ultimate  6.1.7600.0.1252.49.1031.18.3327.2601 [GMT 2:00]
ausgeführt von:: c:\users\Conny\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-06-06 bis 2011-07-06  ))))))))))))))))))))))))))))))
.
.
2011-07-06 18:59 . 2011-07-06 18:59        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-06-29 19:50 . 2011-03-06 22:12        2234368        ----a-r-        C:\OTLPE.exe
2011-06-29 19:50 . 2011-06-29 13:58        --------        d-----w-        C:\_OTL
2011-06-13 16:14 . 2011-06-13 16:21        --------        d-----w-        c:\users\Conny\iris_rad
2011-06-09 16:12 . 2011-06-09 16:12        --------        d-----w-        c:\program files\DVD Decrypter
2011-06-09 15:50 . 2011-06-09 15:50        --------        d-----w-        c:\program files\Gabest
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 18:29 . 2011-05-25 18:29        404640        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-16 17:52 . 2011-05-16 17:52        33019        ----a-w-        c:\windows\system32\CoreAAC-uninstall.exe
2003-03-21 11:45 . 2010-10-04 15:38        250544        ----a-w-        c:\program files\Common Files\keyhelp.ocx
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50        1197448        ----a-w-        c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-06 8555040]
"lxdumon.exe"="c:\program files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-09-10 676520]
"lxduamon"="c:\program files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-09-10 16040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^Users^Conny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Conny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2010-12-04 15:01        4721224        ----a-w-        c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2009-08-28 09:36        75048        ------w-        c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2009-06-03 19:59        103720        ------w-        c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16        357696        ----a-w-        c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-01-25 14:08        421160        ----a-w-        c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 5600-6600 Series Fax Server]
2008-09-10 11:10        311976        ----a-w-        c:\program files\Lexmark 5600-6600 Series\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
2010-12-15 11:42        557056        ----a-w-        c:\program files\lg_fwupdate\fwupdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-08-20 12:25        2363392        ----a-w-        c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MDS_Menu]
2009-02-25 13:40        218408        ------w-        c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2009-04-15 22:54        50472        ------w-        c:\program files\CyberLink\PowerDVD8\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2009-07-16 19:08        91432        ------w-        c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44        248552        ----a-w-        c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2009-05-19 21:16        222504        ------w-        c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
2009-05-19 21:16        222504        ------w-        c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
2008-12-03 21:15        218408        ------w-        c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2009-10-23 16:19        210216        ------w-        c:\program files\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wextract_cleanup0]
2009-07-14 01:14        126464        ----a-w-        c:\windows\System32\advpack.dll
.
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [2008-05-23 98984]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe [2009-08-10 93848]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-18 691696]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2010/12/15 12:39];c:\program files\CyberLink\PowerDVD8\000.fcl [2009-08-28 17:36 87536]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe [2008-05-23 594600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24        451872        ----a-w-        c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: Alles mit FDM herunterladen - file://c:\program files\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\program files\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\program files\Free Download Manager\dllink.htm
IE: Videos mit FDM herunterladen - file://c:\program files\Free Download Manager\dlfvideo.htm
Trusted Zone: line6.net
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Conny\AppData\Roaming\Mozilla\Firefox\Profiles\g3go77ss.default\
FF - prefs.js: browser.search.selectedEngine - foxsearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - prefs.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG10\Firefox4
FF - user.js: browser.search.selectedEngine - foxsearch
FF - user.js: browser.search.order.1 - foxsearch
FF - user.js: browser.search.defaultenginename - foxsearch
FF - user.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(764)
c:\users\Conny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Zeit der Fertigstellung: 2011-07-06  21:00:10
ComboFix-quarantined-files.txt  2011-07-06 19:00
.
Vor Suchlauf: 13 Verzeichnis(se), 50.723.094.528 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 50.493.820.928 Bytes frei
.
- - End Of File - - 06D21AAF75F5715A86E53102D35DD834

--- --- ---

markusg 06.07.2011 20:09

OK, we'll replace AVG with avast.
It's better and doesn't put as much load on the system.
http://www.trojaner-board.de/110895-...antivirus.html
Instructions:
Bremer Treff - Downloads - Guides - Installation and configuration of avast 6 Free Edition
Then please run a boot scan.

conweb 06.07.2011 20:11

While searching here on the board I saw that you recommend avast. I've installed it now, because I do feel a bit naked without any antivirus program at all ;-)
I hope that was OK?

markusg 06.07.2011 20:14

Yes, now configure it according to the instructions and scan.

conweb 06.07.2011 21:28

o.k.
07/06/2011 21:29
Scan aller lokalen Laufwerke

Datei C:\_OTL\MovedFiles\06292011_155019\I_Users\Conny\AppData\Local\Temp\0.4776353270091912.exe ist infiziert von Win32:Malware-gen, Gelöscht
Datei C:\_OTL\MovedFiles.rar|>MovedFiles\06292011_155019\I_Users\Conny\AppData\Local\Temp\0.4776353270091912.exe ist infiziert von Win32:Malware-gen, Gelöscht
Datei J:\wizard\bored to death 01\35486 - FULL - Bored to Death S01e08 DVDRip XviD -\bored.to.death.s01e08.dvdrip.xvid-reward.srr|>bored.to.death.s01e08.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x01 - Stockholm Syndrome (French\bored.to.death.s01e01.dvdrip.xvid-reward.srr|>bored.to.death.s01e01.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x02 - The Alanon Case (bored.to\bored.to.death.s01e02.dvdrip.xvid-reward.srr|>bored.to.death.s01e02.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x03 - The Case of the Missing Sc\bored.to.death.s01e03.dvdrip.xvid-reward.srr|>bored.to.death.s01e03.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x04 - The Case of the (bored.to. (2)\bored.to.death.s01e04.dvdrip.xvid-reward.srr|>bored.to.death.s01e04.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x05 - The Case of the (bored.to. (2)\bored.to.death.s01e05.dvdrip.xvid-reward.srr|>bored.to.death.s01e05.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x06 - The Case of the (bored.to. (2)\bored.to.death.s01e06.dvdrip.xvid-reward.srr|>bored.to.death.s01e06.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\bored to death 01\Bored to Death - 1x07 - The Case of the (bored.to. (2)\bored.to.death.s01e07.dvdrip.xvid-reward.srr|>bored.to.death.s01e07.dvdrip.xvid-reward.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\glee 01\26446 - FULL - Glee S01e21 HDTV XviD - L (glee.121\glee.121.hdtv-lol.srr|>Glee.S01E21.HDTV.XviD-LOL.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Datei J:\wizard\glee 01\27042 - FULL - Glee S01e22 HDTV XviD - L (glee.122 (2)\glee.122.hdtv-lol.srr|>Glee.S01E22.HDTV.XviD-LOL.avi Fehler 42126 {RAR-Archiv ist beschädigt.}
Anzahl durchsuchter Ordner: 24528
Anzahl der geprüften Dateien: 714436
Anzahl infizierter Dateien: 2

markusg 07.07.2011 09:40

OK.
Are you getting along with avast?
Download CCleaner Standard:
CCleaner - Standard
If CCleaner is already installed, skip this step.
Install it, open it, go to Extras, list of installed programs, save as txt. Open the file.
After each program you need, write "necessary".
After each program you don't need, write "unnecessary".
After each program you don't recognize, write "unknown".
Post the list.

