
Pests of all kinds and how to combat them: A window keeps opening with the message - This assembly is protected by an unregistered versio


23.02.2011, 00:05   #1
holgoni
 



Can someone please, please help me here. This window keeps popping up with the message "This assembly is protected by an unregistered version".
I ran the OTL scan and this is what came out:
OTL Logfile:
Code:
OTL Extras logfile created on: 22.02.2011 23:37:02 - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,88 Gb Total Space | 9,19 Gb Free Space | 4,18% Space Free | Partition Type: NTFS
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.ini [@ = UltraEdit.ini] -- Reg Error: Key error. File not found
.js [@ = UltraEdit.js] -- Reg Error: Key error. File not found
.txt [@ = UltraEdit.txt] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03501F10-16F0-4DA5-BF2C-D365547BEC50}" = lport=445 | protocol=6 | dir=in | app=system | 
"{0653CDC6-7CCF-440B-A0DA-274CD8D1981D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{14C0D379-DAF8-4891-8005-8CDB4B2AB4A9}" = lport=137 | protocol=17 | dir=in | app=system | 
"{35E654EB-A349-4572-B985-7CA2932F29FE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3B18F24F-A1B4-4192-8060-DE0325BC31EB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{477D34D6-1A3C-4152-B53E-209405E21054}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{58409218-4389-42F6-9858-64E8334543CE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{5B075222-91AA-4827-9253-747777B2FF45}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{B2CE3D9D-B6AE-49D8-8FCF-153C32340CE9}" = rport=445 | protocol=6 | dir=out | app=system | 
"{BD54D742-41A1-46BB-9483-ED95DD57A842}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{CA725B57-3F28-43FC-A1A3-31ACA63AD65A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FAE4282A-A0AD-40D0-B479-801BF4CADBF9}" = rport=139 | protocol=6 | dir=out | app=system | 
"{FCEBB98E-10D5-473D-A7A4-D1A51388D165}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08AB66DB-57A4-4553-86C7-1FF35A0B8AF1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{0CA5FDC7-A8FB-433E-8547-2D028657AB06}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe | 
"{13A2A5A1-90CD-4374-8C6C-C32A08DE54CB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{198D8EAE-D8BC-49ED-A534-9C115AA57344}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{237F50D6-2B82-4D82-BED6-51A21961F59E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{3612F0E1-C16E-4356-B202-097EE8C4C4EE}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{3670B0B9-333E-4E75-81BF-6AA04E30E580}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{37817FCA-89C8-4687-8A2F-175B87EE5B34}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe | 
"{422B61AE-8B01-4981-8371-6799FB040EA7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{55C57AA7-2225-427E-AF2C-BD5B3843B169}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6DF6473C-268B-4082-A282-FC30A2D33E29}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{6EE7FF55-F5D8-44CB-B59C-F1346C2D5900}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{754F0D27-0A96-4C5D-A20F-EF578ADB6682}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{7AE81E0A-68A1-4B84-8730-C433D8DC82FE}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{99501F58-C471-4C03-B9FF-05023DE451E1}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{A8E01974-6C50-4F1D-B010-D96084C097CF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{AB84A3F2-58D7-4169-8676-DE9E296C7D55}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{C3A9FC49-C2F2-414A-ACDF-1AF8B84A8B88}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{CB254E22-749E-4B27-97F6-DAE707F65818}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{D666F74A-468F-4C10-90B8-2134F3AE556F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{DCEAE416-203D-48C7-93BD-0569B016D3C4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{DEC2B8ED-A61C-4B07-BED2-5D21A2BFBD47}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E7A6A060-6B95-4229-BDC2-BE0D38D2D218}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CFDFFDB-6646-43D6-8141-A77443F6BF98}" = Topo España V.3.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 23
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{709817E4-5439-4206-8738-796B34B623BD}" = MetaBoli
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AA38575-25A1-4C2F-B40B-2188EB73FF0E}" = Garmin TOPO Österreich v2
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82D054AB-3034-41FE-980E-53026803D22A}" = Topomap Belux 
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AE255C55-E0CF-4591-AA86-CAA19AA32C53}" = Garmin TOPO Deutschland v3
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B8BFB69F-BBBA-48A9-A788-851222571C77}" = MapSource Product Install
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator
"{D359B12F-9B1A-46FD-B70C-F507B5B11590}" = HDRegDE
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"AVS Image Converter_is1" = AVS Image Converter 1.3.2.141
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"EasyBits Magic Desktop" = EasyBits Magic Desktop
"ElsterFormular 11.3.0.4235" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Google Desktop" = Google Desktop
"GSAK_is1" = GSAK 7.6.1.27 (Final)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Inkscape" = Inkscape 0.48.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyFreeCodec" = MyFreeCodec
"Office2007" = Microsoft Office Home and Student
"PokerStars.net" = PokerStars.net
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"QuestBrowse" = QuestBrowse 1.0 build 125
"QuickPar" = QuickPar 0.9
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"ShoppingReport2" = ShopperReports
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"UseNeXT_is1" = UseNeXT
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Works9se" = Microsoft Works 9.0 SE
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.01.2011 10:37:01 | Computer Name = holgoni-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung inkscape.exe, Version 0.47.0.9, Zeitstempel 
0x4c691d0c, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x8fc90000, Prozess-ID 0x2e64, Anwendungsstartzeit
01cbb7e6549a42e0.
 
Error - 19.01.2011 10:37:06 | Computer Name = holgoni-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung inkscape.exe, Version 0.47.0.9, Zeitstempel 
0x4c691d0c, fehlerhaftes Modul libglibmm-2.4-1.dll, Version 0.0.0.0, Zeitstempel
0x4b65f583, Ausnahmecode 0xc0000005, Fehleroffset 0x000349c9, Prozess-ID 0x2e64,
Anwendungsstartzeit 01cbb7e6549a42e0.
 
Error - 21.01.2011 10:29:49 | Computer Name = holgoni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.01.2011 17:53:49 | Computer Name = holgoni-PC | Source = Application Hang | ID = 1002
Description = Programm vlc.exe, Version 0.9.8.1 arbeitet nicht mehr mit Windows 
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 33b8 Anfangszeit: 01cbb9b56a82b080 Zeitpunkt der Beendigung:
12
 
Error - 21.01.2011 19:46:18 | Computer Name = holgoni-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung vlc.exe, Version 0.9.8.1, Zeitstempel 0x493a8cbd,
fehlerhaftes Modul libmkv_plugin.dll, Version 0.0.0.0, Zeitstempel 0x493a92d4, 
Ausnahmecode 0xc0000005, Fehleroffset 0x0003bfcd, Prozess-ID 0x2798, Anwendungsstartzeit
01cbb9c1e711ef10.
 
Error - 22.01.2011 20:30:06 | Computer Name = *** | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.01.2011 06:26:36 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.01.2011 03:50:48 | Computer Name = *** | Source = VSS | ID = 8194
Description = 
 
Error - 26.01.2011 03:54:54 | Computer Name = *** Source = WinMgmt | ID = 10
Description = 
 
Error - 26.01.2011 03:55:23 | Computer Name = *** | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 10.10.2009 13:17:01 | Computer Name = *** | Source = HTTP | ID = 15016
Description = 
 
Error - 10.10.2009 13:18:37 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.10.2009 14:08:08 | Computer Name = *** Source = HTTP | ID = 15016
Description = 
 
Error - 10.10.2009 14:09:43 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.10.2009 18:56:05 | Computer Name = *** | Source = HTTP | ID = 15016
Description = 
 
Error - 10.10.2009 18:57:46 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.10.2009 13:43:34 | Computer Name = *** | Source = HTTP | ID = 15016
Description = 
 
Error - 11.10.2009 13:45:13 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.10.2009 16:03:02 | Computer Name = *** | Source = HTTP | ID = 15016
Description = 
 
Error - 11.10.2009 16:04:41 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         
--- --- ---

and report 2:
OTL Logfile:
Code:
OTL logfile created on: 22.02.2011 23:37:02 - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219,88 Gb Total Space | 9,19 Gb Free Space | 4,18% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\AppData\Local\Temp\Q4XNcvkAN.exe (Microsoft)
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\***\AppData\Local\Temp\QHVhMOxI5.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\LekwG9fLq.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\NNmeaZirO.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\IkMt4l0v.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\pgmhdp.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\WCri7z9SEg.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\ah8CB.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\spz50wn.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\VhVXZBWiKY.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\1XVAZuIlPE.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\6yM2g4VlIeN.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\AS2jovH.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\0buQJbiiwo.exe (Microsoft)
PRC - C:\Users\****\AppData\Local\Temp\ZlxVa8jXpj.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\qEZtvO.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\TwlluSuqOx.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\mQBCCj.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\ReCoDVnsy.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\sifjRWO.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\kgMd7T.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\XhIucwdPMd.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\OlpAbMy5c.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\3a1Cgdq92OM.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\luMs7R.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\RnW3UGCKQ.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\JrCaSWX0.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\cR3CJ.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\016qfKxm3x.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\rpittC.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\yAtVeIT.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\6SS7mIcDS97.exe (Microsoft)
PRC - C:\Users\***\AppData\Local\Temp\uGbQWbc.exe (Microsoft)
PRC - C:\Users\***\AppData\Roaming\AutoChks.exe (Microsoft)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()
PRC - C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NMIndexingService) -- File not found
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ETService) -- C:\Programme\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe ()
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (netr28) -- C:\Windows\System32\drivers\netr28.sys (Ralink Technology, Corp.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (AVMUNET) -- C:\Windows\System32\drivers\avmunet.sys (AVM GmbH)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0309&m=easynote_mh45
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0309&m=easynote_mh45
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://aol.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431245&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {3335F91D-2AEF-4097-B831-C96C60349822}:1.4.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}:1.0
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.23 19:49:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.23 01:27:09 | 000,000,000 | ---D | M]
 
[2009.07.05 21:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\holgoni\AppData\Roaming\mozilla\Extensions
[2011.02.21 15:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions
[2009.09.20 12:13:44 | 000,000,000 | ---D | M] (Leet Key) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions\{3335F91D-2AEF-4097-B831-C96C60349822}
[2010.04.11 14:59:24 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.10.08 20:08:26 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.04.11 14:58:59 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.12.11 13:22:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\holgoni\AppData\Roaming\mozilla\Firefox\Profiles\i4d1z54f.default\extensions\engine@conduit.com
[2010.06.08 10:29:10 | 000,000,927 | ---- | M] () -- C:\Users\holgoni\AppData\Roaming\Mozilla\Firefox\Profiles\i4d1z54f.default\searchplugins\conduit.xml
[2011.01.28 21:56:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.30 23:17:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.30 21:38:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.24 11:26:40 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Programme\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2009.07.30 22:06:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.10.29 20:11:14 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.12 09:46:20 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.03.12 19:10:54 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.07.30 23:17:01 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.30 21:38:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.24 11:26:40 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmpcSys] C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Auto Check Utility] C:\Users\holgoni\AppData\Roaming\AutoChks.exe (Microsoft)
O4 - HKCU..\Run: [EPSON Stylus DX4000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON Stylus DX4000 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SmpcSys] C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Windows Audio Service] C:\Users\***\AppData\Local\Temp\audio.exe (Microsoft)
O4 - Startup: C:\Users\holgoni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\holgoni\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\holgoni\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{32f85c10-b0f3-11de-9cb1-00238b939cb2}\Shell - "" = AutoRun
O33 - MountPoints2\{32f85c10-b0f3-11de-9cb1-00238b939cb2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{42a06e93-89df-11de-b3b6-00238b939cb2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
O33 - MountPoints2\{4eaa4dde-c701-11de-8603-00238b939cb2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
O33 - MountPoints2\{e064726b-e212-11df-9532-00238b939cb2}\Shell\AutoRun\command - "" = E:\.\atze_player.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.22 20:57:42 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.02.22 20:57:39 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2011.02.22 20:57:38 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.02.22 20:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.02.22 20:57:07 | 000,000,000 | ---D | C] -- C:\Users\holgoni\AppData\Roaming\TuneUp Software
[2011.02.22 20:56:46 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2011
[2011.02.22 20:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.02.22 20:55:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.02.22 20:22:34 | 000,089,088 | -H-- | C] (Microsoft) -- C:\Users\holgoni\AppData\Roaming\AutoChks.exe
[2011.02.21 18:58:50 | 000,000,000 | ---D | C] -- C:\Programme\You Don't Know Jack 4
[2011.01.28 21:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011.01.28 21:55:30 | 000,000,000 | ---D | C] -- C:\Users\holgoni\AppData\Roaming\AVS4YOU
[2011.01.28 21:55:20 | 000,000,000 | ---D | C] -- C:\Users\holgoni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.01.28 21:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011.01.28 21:54:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\AVSMedia
[2011.01.28 21:54:13 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
[2011.01.28 21:54:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011.01.28 21:54:13 | 000,000,000 | ---D | C] -- C:\Programme\AVS4YOU
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.22 23:23:37 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.22 23:23:37 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.22 23:23:37 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.22 23:23:37 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.22 23:16:24 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.22 23:16:14 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.02.22 23:16:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.22 23:16:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.22 23:16:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.22 21:27:05 | 000,248,320 | ---- | M] () -- C:\Users\holgoni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.22 21:10:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.22 20:57:34 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.02.22 20:57:34 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.02.22 16:10:36 | 000,002,631 | ---- | M] () -- C:\Users\holgoni\Desktop\Microsoft Office Word 2007.lnk
[2011.02.22 00:37:39 | 000,011,718 | ---- | M] () -- C:\Users\holgoni\Documents\Götter.docx
[2011.02.17 13:50:52 | 000,011,978 | ---- | M] () -- C:\Users\holgoni\Documents\Mette Geschenke Geburt.xlsx
[2011.01.29 17:18:03 | 000,012,950 | ---- | M] () -- C:\Users\holgoni\Documents\Hurra for deg som fyller ditt år.docx
[2011.01.28 21:55:21 | 000,001,088 | ---- | M] () -- C:\Users\holgoni\Desktop\AVS4YOU Software Navigator.lnk
[2011.01.28 21:55:02 | 000,001,032 | ---- | M] () -- C:\Users\holgoni\Desktop\AVS Image Converter.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.22 20:57:34 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.02.22 20:57:34 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011.02.22 20:57:33 | 000,001,879 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.02.03 15:39:32 | 000,011,718 | ---- | C] () -- C:\Users\holgoni\Documents\Götter.docx
[2011.01.29 17:18:02 | 000,012,950 | ---- | C] () -- C:\Users\holgoni\Documents\Hurra for deg som fyller ditt år.docx
[2011.01.28 21:55:21 | 000,001,088 | ---- | C] () -- C:\Users\holgoni\Desktop\AVS4YOU Software Navigator.lnk
[2011.01.28 21:55:02 | 000,001,032 | ---- | C] () -- C:\Users\holgoni\Desktop\AVS Image Converter.lnk
[2011.01.25 13:13:53 | 000,029,717 | ---- | C] () -- C:\Users\holgoni\Documents\Elterngeld_Infoschreiben_Saarland_Internet(1).pdf
[2010.03.29 20:30:30 | 000,000,503 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2010.03.29 20:30:30 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2010.03.03 09:37:20 | 000,000,169 | ---- | C] () -- C:\Windows\wininit.ini
[2010.01.14 14:06:56 | 000,001,474 | ---- | C] () -- C:\Users\holgoni\AppData\Local\RecConfig.xml
[2009.10.01 22:50:57 | 000,000,577 | ---- | C] () -- C:\Windows\System32\gmsblist.dll
[2009.08.23 21:48:36 | 000,000,065 | ---- | C] () -- C:\Windows\FISHUI.INI
[2009.07.21 22:47:18 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009.07.21 21:08:14 | 000,019,654 | ---- | C] () -- C:\Users\holgoni\AppData\Roaming\mdbu.bin
[2009.07.03 06:12:40 | 000,000,680 | ---- | C] () -- C:\Users\holgoni\AppData\Local\d3d9caps.dat
[2009.06.18 07:50:23 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.06.15 10:11:56 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.06.10 17:57:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.06.10 17:19:40 | 000,248,320 | ---- | C] () -- C:\Users\holgoni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.10 15:11:02 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2009.06.10 13:59:45 | 000,001,744 | ---- | C] () -- C:\Users\holgoni\AppData\Roaming\wklnhst.dat
[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2009.03.27 21:15:15 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.09 01:05:27 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.09 01:05:13 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll
[2009.01.08 17:43:05 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
< End of report >
         

Alt 23.02.2011, 11:48   #2
markusg
/// Malware-holic
 

Replace *** in the script with your user name!


• Please start OTL.exe
• Now copy the following into the text box.

:OTL
:files
C:\Users\***\AppData\Local\Temp\QHVhMOxI5.exe
C:\Users\***\AppData\Local\Temp\LekwG9fLq.exe
C:\Users\***\AppData\Local\Temp\NNmeaZirO.exe
C:\Users\***\AppData\Local\Temp\IkMt4l0v.exe
C:\Users\***\AppData\Local\Temp\pgmhdp.exe
C:\Users\***\AppData\Local\Temp\WCri7z9SEg.exe
C:\Users\***\AppData\Local\Temp\ah8CB.exe
C:\Users\***\AppData\Local\Temp\spz50wn.exe
C:\Users\***\AppData\Local\Temp\VhVXZBWiKY.exe
C:\Users\***\AppData\Local\Temp\1XVAZuIlPE.exe
C:\Users\***\AppData\Local\Temp\6yM2g4VlIeN.exe
C:\Users\***\AppData\Local\Temp\AS2jovH.exe
C:\Users\***\AppData\Local\Temp\0buQJbiiwo.exe
C:\Users\***\AppData\Local\Temp\ZlxVa8jXpj.exe
C:\Users\***\AppData\Local\Temp\audio.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.


Open Computer, C:, then _OTL
There, right-click on moved files
Choose add to moved files.rar or zip.
Upload the archive in our upload channel.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________
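
As an added illustration (not part of the original posts and not OTL's own logic): a small Python triage over the O4 autorun lines of the log above, which include the `audio.exe` entry that the fix script removes. The heuristic, the function name `triage_run_entries` and the directory lists are assumptions made for this example; hits are candidates for review, not verdicts.

```python
import re

# Sample input: O4 (Run key) lines taken from the OTL log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Auto Check Utility] C:\Users\holgoni\AppData\Roaming\AutoChks.exe (Microsoft)
O4 - HKCU..\Run: [EPSON Stylus DX4000 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Windows Audio Service] C:\Users\***\AppData\Local\Temp\audio.exe (Microsoft)
"""

# "O4 - <hive>..\Run: [<value name>] <image path> (<company>)"
RUN_LINE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\.\.\\Run: "
    r"\[(?P<name>.+?)\] (?P<path>.+) \((?P<company>[^()]*)\)$"
)

# Assumption for this example: locations any unprivileged process can write to.
USER_WRITABLE = (
    re.compile(r"\\appdata\\local\\temp\\", re.I),
    re.compile(r"\\appdata\\roaming\\[^\\]+$", re.I),  # binary directly in the Roaming root
)

# Assumption: install roots that need admin rights to write to
# ("Programme" is the German alias that appears in this log).
SYSTEM_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\programme\\")


def triage_run_entries(log_text):
    """Return (hive, value name, path, reasons) for Run entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue
        path = m["path"]
        reasons = []
        if any(p.search(path) for p in USER_WRITABLE):
            reasons.append("image in user-writable directory")
        # The company string comes from the file's own version resource,
        # so whoever built the file chose it; it is not proof of origin.
        if "microsoft" in m["company"].lower() and not path.lower().startswith(SYSTEM_ROOTS):
            reasons.append("claims Microsoft but lives outside system/program directories")
        if reasons:
            findings.append((m["hive"], m["name"], path, reasons))
    return findings


if __name__ == "__main__":
    for hive, name, path, reasons in triage_run_entries(SAMPLE_LOG):
        print(f"{hive} Run [{name}] {path}")
        for reason in reasons:
            print(f"    - {reason}")
```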

Alt 23.02.2011, 19:45   #3
holgoni
 

Many, many thanks Markus, but I worked through the night and got it under control again. Thanks again for your efforts.