Dringend! Schwerer Fehler |
||
---|---|---|
#0
| ||
19.04.2012, 19:50
...neu hier
Beiträge: 4 |
||
|
||
19.04.2012, 20:26
Moderator
Beiträge: 5694 |
#2
Herzlich Willkommen auf dem Protecus Forum
Eine Bereinigung ist mitunter mit viel Arbeit für Dich verbunden. • Bitte arbeite alle Schritte der Reihe nach ab. • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben. • Nur Scanns durchführen zu denen Du von einem Helfer aufgefordert wirst. • Bitte kein Crossposting (posten in mehreren Foren). • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert. • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst. • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf. Erschwert mir nämlich das auswerten. Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der Schnellere und immer der sicherste Weg. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist. Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Schritt 1 Downloade Dir bitte [URL=http://filepony.de/dl-bWJhbS1zZXR1cC5leGU=-malwarebytes_anti_malware-1272569975-8918697/]Malwarebytes[/URL]• Installiere das Programm in den vorgegebenen Pfad. [color=green]Vista und Win7 User mit Rechtsklick "als Administrator starten"[/color]• Starte Malwarebytes, klicke auf Aktualisierung --> Suche nach Aktualisierung• Wenn das Update beendet wurde, aktiviere Quick-Scan durchführen und drücke auf Scannen.• Wenn der Scan beendet ist, klicke auf Ergebnisse anzeigen.• Versichere Dich, dass [color=red]alle Funde[/color] markiert sind und drücke Entferne Auswahl.• Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.• Nachträglich kannst du den Bericht unter "Log Dateien" finden. Schritt 2 Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop • Starte bitte die OTL.exe. Vista und Win7 User mit Rechtsklick "als Administrator starten" • Kopiere nun den Inhalt in die Textbox. Code activex• Schliesse bitte nun alle Programme. (Wichtig) • Klicke nun bitte auf den Quick Scan Button. • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread |
|
|
||
20.04.2012, 14:40
...neu hier
Themenstarter Beiträge: 4 |
#3
Das is der Scan VOn Malewarebytes/Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org Datenbank Version: v2012.04.20.02 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 pc :: PC-PC [Administrator] Schutz: Aktiviert 20.04.2012 14:05:00 mbam-log-2012-04-20 (14-05-00).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 179127 Laufzeit: 3 Minute(n), 59 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL.Text OTL logfile created on: 20.04.2012 14:21:04 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\pc\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 51,03% Memory free 3,98 Gb Paging File | 2,83 Gb Available in Paging File | 71,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,51 Gb Total Space | 904,79 Gb Free Space | 97,13% Space Free | Partition Type: NTFS Drive D: | 74,50 Gb Total Space | 23,38 Gb Free Space | 31,38% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: pc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012.04.20 13:57:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.04.04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.03.13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.02.09 12:59:08 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.02.09 12:59:08 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.02.06 14:24:20 | 000,451,856 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieCtrl.exe PRC - [2012.02.06 14:24:18 | 000,074,512 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe PRC - [2011.09.06 23:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2011.09.06 23:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.10.22 03:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanGUI.exe PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.13 02:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) -- C:\Windows\UnsignedThemesSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012.03.13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012.04.19 15:35:10 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.02.09 12:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.02.06 14:24:18 | 000,074,512 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2012.01.31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.09.06 23:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.07.13 02:07:48 | 000,021,096 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - [2012.04.20 14:04:33 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.02.09 12:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012.02.06 14:24:16 | 000,133,392 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011.09.06 23:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011.09.06 23:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.09.06 23:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.09.06 23:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.09.06 23:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011.09.06 23:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010.10.01 02:00:00 | 000,926,080 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb4.sys -- (fwlanusb4) DRV - [2010.10.01 02:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject) DRV - [2010.01.12 20:57:24 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr) DRV - [2010.01.12 20:57:23 | 000,294,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm) DRV - [2010.01.12 20:57:23 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus) DRV - [2010.01.12 20:57:23 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb) DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2009.07.13 02:07:46 | 000,025,448 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\uxpatch.sys -- (uxpatch) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 B4 AC 35 08 D9 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109794&babsrc=SP_ss&mntrId=321f81b300000000000000259c96c9bd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.02.20 16:53:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.26 16:07:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.26 16:07:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pc\AppData\Roaming\mozilla\Extensions [2012.03.26 16:13:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pc\AppData\Roaming\mozilla\Firefox\Profiles\awza44qj.default\extensions [2012.03.26 16:12:15 | 000,010,338 | ---- | M] () -- C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\awza44qj.default\searchplugins\duckduckgo.xml [2012.03.26 16:12:31 | 000,002,219 | ---- | M] () -- C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\awza44qj.default\searchplugins\g-forum-search.xml [2012.03.26 16:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AWZA44QJ.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI [2012.03.13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{310A83A2-060F-4EF0-B0C1-FE91F5850D8D}: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{643A2F63-96D3-472D-A124-3A76C0ACE72B}: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A148A00-FB04-4EB2-AB55-1A123240458E}: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8981998E-CCCF-48B5-9235-733A362C3AD1}: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF509E50-845C-4127-982D-475F5E1663A0}: DhcpNameServer = 195.50.140.116 195.50.140.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1F4803B-D66A-4FCF-A164-66D6AED6845F}: DhcpNameServer = 195.50.140.116 195.50.140.246 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.09.18 16:31:04 | 000,000,000 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ] O33 - MountPoints2\{d2ce1b6f-5bc1-11e1-9149-00123f5b68fa}\Shell - "" = AutoRun O33 - MountPoints2\{d2ce1b6f-5bc1-11e1-9149-00123f5b68fa}\Shell\AutoRun\command - "" = F:\pushinst.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012.04.20 14:04:33 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.04.20 13:57:20 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe [2012.04.20 13:55:37 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Malwarebytes [2012.04.20 13:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.04.20 13:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.04.20 13:55:30 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.04.20 13:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.04.14 00:43:45 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Simfy [2012.04.14 00:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.04.14 00:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy [2012.04.14 00:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\simfy [2012.04.14 00:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012.04.14 00:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2012.04.14 00:38:43 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\Adobe [2012.04.12 12:16:28 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\redsn0w [2012.04.12 12:16:12 | 000,000,000 | ---D | C] -- C:\Users\pc\Documents\redsn0w_win_0.9.10b6-1 [2012.03.26 16:07:41 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Mozilla [2012.03.26 16:07:41 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\Mozilla [2012.03.26 16:00:19 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor [2012.03.26 15:57:07 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Tor [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012.04.20 14:04:33 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.04.20 13:57:30 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\pc\Desktop\OTL.exe [2012.04.20 13:55:32 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.04.20 13:54:16 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.04.20 13:54:16 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.04.20 13:51:57 | 000,655,802 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.04.20 13:51:57 | 000,616,348 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.04.20 13:51:57 | 000,130,434 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.04.20 13:51:57 | 000,106,728 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.04.20 13:46:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.04.20 13:46:48 | 1602,859,008 | -HS- | M] () -- C:\hiberfil.sys [2012.04.19 19:52:16 | 000,000,061 | ---- | M] () -- C:\Users\pc\Desktop\Dringend! Schwerer Fehler - Virus Hilfe.URL [2012.04.19 19:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.14 00:43:46 | 000,000,032 | ---- | M] () -- C:\Users\pc\.simfy [2012.04.14 00:43:39 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\simfy.lnk [2012.04.13 23:54:11 | 004,864,000 | ---- | M] () -- C:\Users\pc\Desktop\Chris Brown - What it Do -www.hiphopgenerals.com.mp3 [2012.04.12 11:58:59 | 003,318,627 | ---- | M] () -- C:\Users\pc\Desktop\Stromae - Alors On Danse.mp3 [2012.04.12 11:42:42 | 004,240,509 | R--- | M] () -- C:\Users\pc\Desktop\Macklemore & Ryan Lewis - Can't Hold Us..mp3 [2012.04.11 17:38:58 | 203,554,938 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.03.28 06:55:43 | 000,001,478 | ---- | M] () -- C:\Users\pc\Desktop\images.jpg [2012.03.28 06:55:22 | 000,000,493 | ---- | M] () -- C:\Users\pc\Desktop\httpwww.google.deimgresq=Macklemore+cover&hl=de&biw=976&bih=603&gbv=2&tbm=isch&tbnid=iJaDT-Ua2sU1BM&imgrefurl=httpgoodmusica.URL [2012.03.26 16:07:13 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.26 16:00:19 | 000,001,536 | ---- | M] () -- C:\Users\pc\Desktop\Tor.lnk [2012.03.23 21:19:12 | 000,000,161 | ---- | M] () -- C:\Users\pc\Desktop\Stereo Lautsprecher Soundstation MusicMan Midi blau (4260101738356) eBay.url [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012.04.20 13:55:32 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012.04.19 19:50:50 | 000,000,061 | ---- | C] () -- C:\Users\pc\Desktop\Dringend! Schwerer Fehler - Virus Hilfe.URL [2012.04.19 15:11:00 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.04.14 00:43:46 | 000,000,032 | ---- | C] () -- C:\Users\pc\.simfy [2012.04.14 00:43:39 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\simfy.lnk [2012.04.13 23:53:35 | 004,864,000 | ---- | C] () -- C:\Users\pc\Desktop\Chris Brown - What it Do -www.hiphopgenerals.com.mp3 [2012.04.12 11:58:20 | 003,318,627 | ---- | C] () -- C:\Users\pc\Desktop\Stromae - Alors On Danse.mp3 [2012.04.12 11:42:21 | 004,240,509 | R--- | C] () -- C:\Users\pc\Desktop\Macklemore & Ryan Lewis - Can't Hold Us..mp3 [2012.04.11 17:38:58 | 203,554,938 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.03.28 06:55:41 | 000,001,478 | ---- | C] () -- C:\Users\pc\Desktop\images.jpg [2012.03.28 06:55:22 | 000,000,493 | ---- | C] () -- C:\Users\pc\Desktop\httpwww.google.deimgresq=Macklemore+cover&hl=de&biw=976&bih=603&gbv=2&tbm=isch&tbnid=iJaDT-Ua2sU1BM&imgrefurl=httpgoodmusica.URL [2012.03.26 16:07:13 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.03.26 16:07:12 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.03.26 16:00:19 | 000,001,536 | ---- | C] () -- C:\Users\pc\Desktop\Tor.lnk [2012.03.23 21:19:12 | 000,000,161 | ---- | C] () -- C:\Users\pc\Desktop\Stereo Lautsprecher Soundstation MusicMan Midi blau (4260101738356) eBay.url [2012.02.21 17:45:54 | 000,001,566 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.02.20 17:34:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\controls.ini [2012.02.20 14:57:07 | 000,049,792 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusb4.bin [color=#E56717]========== LOP Check ==========[/color] [2012.02.23 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\.minecraft [2012.01.22 17:19:14 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Babylon [2012.02.22 15:35:59 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Opera [2012.04.12 12:16:28 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\redsn0w [2012.04.14 00:43:45 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Simfy [2012.02.25 10:55:26 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\TuneUp Software [2012.04.13 17:15:18 | 000,031,372 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > OTL Extra TXt. OTL Extras logfile created on: 20.04.2012 14:21:04 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\pc\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 51,03% Memory free 3,98 Gb Paging File | 2,83 Gb Available in Paging File | 71,11% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,51 Gb Total Space | 904,79 Gb Free Space | 97,13% Space Free | Partition Type: NTFS Drive D: | 74,50 Gb Total Space | 23,38 Gb Free Space | 31,38% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: pc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant *S-1-5-32-544:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1" = SmartPCFixer 4.2 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{57C39411-6747-489C-A226-46885FB0D2D0}" = DriverBoost "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta "{B4C40A0E-14C9-1E1F-2AEC-ABF96EA3FB51}" = simfy "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "avast" = avast! Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "HDMI" = Intel(R) Graphics Media Accelerator Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de) "Opera 11.61.1250" = Opera 11.61 "Sandboxie" = Sandboxie 3.64 (32-bit) "Simfy" = simfy "softonic" = Softonic toolbar on IE and Chrome "TuneUp Utilities 2012" = TuneUp Utilities 2012 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Zip Uncompressor" = Zip Uncompressor [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
|
|
||
20.04.2012, 21:46
Moderator
Beiträge: 5694 |
#4
ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten. Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt als Administrator starten. • Dein Anti-Virus-Programm während des Scans deaktivieren. Button (<< klick) drücken. • Firefox-User: Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren. • IE-User: müssen das Installieren eines ActiveX Elements erlauben. • Setze den einen Hacken bei Yes, i accept the Terms of Use. • Drücke den Button. • Warte bis die Komponenten herunter geladen wurden. • Setze einen Haken bei "Scan archives". • Gehe sicher das bei Remove Found Threads kein Hacken gesetzt ist. • drücken. • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.Wenn der Scan beendet wurde • Klicke . • Klicke und speichere das Logfile als ESET.txt auf dem Desktop. • Klicke Back und Finish Bitte poste die Logfile hier. |
|
|
||
22.04.2012, 14:24
...neu hier
Themenstarter Beiträge: 4 |
#5
Witig ich kann es nicht installieren da es beschädigt is wenn ich es downloade
|
|
|
||
22.04.2012, 22:19
Moderator
Beiträge: 5694 |
#6
Was kommt für eine Meldung?
|
|
|
||
27.04.2012, 19:53
...neu hier
Themenstarter Beiträge: 4 |
#7
Datei bescheadigt /kann schliesslich nicht geladen werden
|
|
|
||
27.04.2012, 20:49
Moderator
Beiträge: 5694 |
#8
Versuche so:
Abgesicherter Modus zur Bereinigung • Windows mit F8-Taste beim Start in den abgesicherten Modus bringen. • Starte den Rechner in den abgesicherten Modus mit Netzwerktreibern: |
|
|
||
Scan saved at 19:46:21, on 19.04.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\avmwlanstick\WLanGUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\pc\Downloads\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\wlangui.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
--
End of file - 4562 bytes