:hallo: Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin). - Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
- Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen". - Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
Code:
:OTL
MOD - [2012.07.25 12:30:37 | 000,203,264 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\winamp.lng
MOD - [2012.07.25 12:30:37 | 000,155,648 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\vis_milk2.lng
MOD - [2012.07.25 12:30:37 | 000,088,064 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\vis_avs.lng
MOD - [2012.07.25 12:30:37 | 000,055,808 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_local.lng
MOD - [2012.07.25 12:30:37 | 000,047,616 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_disc.lng
MOD - [2012.07.25 12:30:37 | 000,041,984 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_jumpex.lng
MOD - [2012.07.25 12:30:37 | 000,040,448 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_pmp.lng
MOD - [2012.07.25 12:30:37 | 000,036,352 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ombrowser.lng
MOD - [2012.07.25 12:30:37 | 000,023,040 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_mp3.lng
MOD - [2012.07.25 12:30:37 | 000,023,040 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_ff.lng
MOD - [2012.07.25 12:30:37 | 000,021,504 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_ml.lng
MOD - [2012.07.25 12:30:37 | 000,020,480 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_midi.lng
MOD - [2012.07.25 12:30:37 | 000,019,456 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_nopro.lng
MOD - [2012.07.25 12:30:37 | 000,018,944 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_mod.lng
MOD - [2012.07.25 12:30:37 | 000,016,384 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\out_ds.lng
MOD - [2012.07.25 12:30:37 | 000,015,360 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_wm.lng
MOD - [2012.07.25 12:30:37 | 000,015,360 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_classicart.lng
MOD - [2012.07.25 12:30:37 | 000,014,848 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_wire.lng
MOD - [2012.07.25 12:30:37 | 000,014,336 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_online.lng
MOD - [2012.07.25 12:30:37 | 000,014,336 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_cdda.lng
MOD - [2012.07.25 12:30:37 | 000,012,800 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_playlists.lng
MOD - [2012.07.25 12:30:37 | 000,011,776 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_nsv.lng
MOD - [2012.07.25 12:30:37 | 000,011,776 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_skinmanager.lng
MOD - [2012.07.25 12:30:37 | 000,011,264 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_usb.lng
MOD - [2012.07.25 12:30:37 | 000,011,264 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_android.lng
MOD - [2012.07.25 12:30:37 | 000,011,264 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_vorbis.lng
MOD - [2012.07.25 12:30:37 | 000,011,264 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_hotkeys.lng
MOD - [2012.07.25 12:30:37 | 000,010,752 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_undo.lng
MOD - [2012.07.25 12:30:37 | 000,010,240 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_timerestore.lng
MOD - [2012.07.25 12:30:37 | 000,009,728 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_downloads.lng
MOD - [2012.07.25 12:30:37 | 000,008,704 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_history.lng
MOD - [2012.07.25 12:30:37 | 000,008,192 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_tray.lng
MOD - [2012.07.25 12:30:37 | 000,007,680 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\vis_nsfs.lng
MOD - [2012.07.25 12:30:37 | 000,007,680 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\out_wave.lng
MOD - [2012.07.25 12:30:37 | 000,007,680 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_transcode.lng
MOD - [2012.07.25 12:30:37 | 000,007,680 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_plg.lng
MOD - [2012.07.25 12:30:37 | 000,007,168 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_orgler.lng
MOD - [2012.07.25 12:30:37 | 000,007,168 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_crasher.lng
MOD - [2012.07.25 12:30:37 | 000,006,656 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_autotag.lng
MOD - [2012.07.25 12:30:37 | 000,006,656 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_wav.lng
MOD - [2012.07.25 12:30:37 | 000,006,656 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_dshow.lng
MOD - [2012.07.25 12:30:37 | 000,006,144 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\tagz.lng
MOD - [2012.07.25 12:30:37 | 000,006,144 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_ipod.lng
MOD - [2012.07.25 12:30:37 | 000,006,144 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\out_disk.lng
MOD - [2012.07.25 12:30:37 | 000,006,144 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_wma.lng
MOD - [2012.07.25 12:30:37 | 000,005,632 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_wv.lng
MOD - [2012.07.25 12:30:37 | 000,005,632 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_wave.lng
MOD - [2012.07.25 12:30:37 | 000,005,632 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_flac.lng
MOD - [2012.07.25 12:30:37 | 000,005,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_rg.lng
MOD - [2012.07.25 12:30:37 | 000,005,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_impex.lng
MOD - [2012.07.25 12:30:37 | 000,005,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_bookmarks.lng
MOD - [2012.07.25 12:30:37 | 000,005,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_mp4.lng
MOD - [2012.07.25 12:30:37 | 000,005,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_avi.lng
MOD - [2012.07.25 12:30:37 | 000,004,608 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_activesync.lng
MOD - [2012.07.25 12:30:37 | 000,004,608 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_enqplay.lng
MOD - [2012.07.25 12:30:37 | 000,004,608 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_mkv.lng
MOD - [2012.07.25 12:30:37 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\winampa.lng
MOD - [2012.07.25 12:30:37 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_p4s.lng
MOD - [2012.07.25 12:30:37 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_orb.lng
MOD - [2012.07.25 12:30:37 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\gen_find_on_disk.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\pmp_njb.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_nowplaying.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\ml_addons.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_swf.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_linein.lng
MOD - [2012.07.25 12:30:37 | 000,003,584 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\in_flv.lng
MOD - [2012.07.25 12:30:37 | 000,003,072 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\playlist.lng
MOD - [2012.07.25 12:30:36 | 000,069,120 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\burnlib.lng
MOD - [2012.07.25 12:30:36 | 000,013,824 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\dsp_sps.lng
MOD - [2012.07.25 12:30:36 | 000,010,752 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\auth.lng
MOD - [2012.07.25 12:30:36 | 000,009,728 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_aacplus.lng
MOD - [2012.07.25 12:30:36 | 000,005,632 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_lame.lng
MOD - [2012.07.25 12:30:36 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_wav.lng
MOD - [2012.07.25 12:30:36 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_vorbis.lng
MOD - [2012.07.25 12:30:36 | 000,004,096 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\WLZCBB7.tmp\enc_flac.lng
MOD - [2012.07.13 22:02:54 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
SRV - [2012.07.20 00:19:20 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010.04.12 18:03:44 | 000,329,168 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\XSManager\WTGService.exe -- (WTGService)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 163.43.161.134:80
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://web.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - Startup: C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2b01a972-8d65-11e1-ad72-00aca19f098e}\Shell - "" = AutoRun
O33 - MountPoints2\{2b01a972-8d65-11e1-ad72-00aca19f098e}\Shell\AutoRun\command - "" = G:\autorun.exe
[2012.07.25 12:02:41 | 004,503,728 | ---- | M] () -- C:\ProgramData\piz_0ef.pad
:Files
C:\Users\Michel\AppData\Local\Temp
C:\ProgramData\piz_0ef.pad
C:\Windows\tasks\Adobe Flash Player Updater.job
e
C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash] - Schließe alle Programme.
- Klicke auf den Fix Button.
- Wenn OTL einen Neustart verlangt, bitte zulassen.
- Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\ Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |