
Pests of all kinds and how to combat them: HTML/Infected.WebPage.Gen2: how do I remove it?

Windows 7 If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

13.03.2012, 21:19   #16
markusg
/// Malware-holic

Why have you posted several OTL logs now...? One created at 20.30, one later?
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

13.03.2012, 21:20   #17
Phi1ipp

I did write Part 1 and Part 2 above them.
It was too long and didn't fit into one post.

13.03.2012, 21:26   #18
markusg
/// Malware-holic

But you somehow did it twice....
Hi

This script and any scripts that follow are only for this particular user.
If you have problems, open your own topics and wait for scripts tailored to you.


• Please start OTL.exe
• Now copy the following into the text box.

Code:
:OTL

:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.

13.03.2012, 21:29   #19
Phi1ipp

Really? Strange..
So do everything again now? Will do.

13.03.2012, 21:30   #20
markusg
/// Malware-holic

Now the script from the last post, please.


13.03.2012, 21:34   #21
Phi1ipp

Sorry, I can't quite follow anymore. What exactly is a script? And into which text box?

13.03.2012, 21:45   #22
markusg
/// Malware-holic

Well, into the same text box where you already pasted the first script.
And the script is in the code box on the last page, second-to-last or third-to-last post.

13.03.2012, 21:52   #23
Phi1ipp

I hope I did it right:
Error: Unable to interpret <"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007> in the current context!
Error: Unable to interpret <"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)> in the current context!
Error: Unable to interpret <"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In> in the current context!
Error: Unable to interpret <"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager> in the current context!
Error: Unable to interpret <"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3> in the current context!
Error: Unable to interpret <"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting> in the current context!
Error: Unable to interpret <"{996538DE-DAB2-4B77-9BF4-9C1A6F0D7F42}" = Keyboard OSD Utility> in the current context!
Error: Unable to interpret <"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17> in the current context!
Error: Unable to interpret <"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161> in the current context!
Error: Unable to interpret <"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper> in the current context!
Error: Unable to interpret <"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution> in the current context!
Error: Unable to interpret <"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch> in the current context!
Error: Unable to interpret <"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR> in the current context!
Error: Unable to interpret <"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter> in the current context!
Error: Unable to interpret <"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1> in the current context!
Error: Unable to interpret <"{EC87E256-B0A4-4A41-8682-AB57FF21196D}" = SweetIM for Messenger 2.7> in the current context!
Error: Unable to interpret <"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support> in the current context!
Error: Unable to interpret <"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]> in the current context!
Error: Unable to interpret <"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219> in the current context!
Error: Unable to interpret <"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard> in the current context!
Error: Unable to interpret <"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5> in the current context!
Error: Unable to interpret <"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio> in the current context!
Error: Unable to interpret <"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack> in the current context!
Error: Unable to interpret <"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife> in the current context!
Error: Unable to interpret <"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package> in the current context!
Error: Unable to interpret <"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)> in the current context!
Error: Unable to interpret <"7-Zip" = 7-Zip 4.65> in the current context!
Error: Unable to interpret <"Adobe AIR" = Adobe AIR> in the current context!
Error: Unable to interpret <"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX> in the current context!
Error: Unable to interpret <"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin> in the current context!
Error: Unable to interpret <"Adobe Shockwave Player" = Adobe Shockwave Player 11.5> in the current context!
Error: Unable to interpret <"ah" = ah Screen Saver> in the current context!
Error: Unable to interpret <"Avira AntiVir Desktop" = Avira Free Antivirus> in the current context!
Error: Unable to interpret <"CamStudio" = CamStudio> in the current context!
Error: Unable to interpret <"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de> in the current context!
Error: Unable to interpret <"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters> in the current context!
Error: Unable to interpret <"DivX Setup.divx.com" = DivX-Setup> in the current context!
Error: Unable to interpret <"eMule" = eMule> in the current context!
Error: Unable to interpret <"ENTERPRISE" = Microsoft Office Enterprise 2007> in the current context!
Error: Unable to interpret <"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7> in the current context!
Error: Unable to interpret <"Free Studio_is1" = Free Studio version 4.8> in the current context!
Error: Unable to interpret <"Free YouTube Download_is1" = Free YouTube Download 2.10> in the current context!
Error: Unable to interpret <"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228> in the current context!
Error: Unable to interpret <"Google Chrome" = Google Chrome> in the current context!
Error: Unable to interpret <"Hotspot_Shield Toolbar" = Hotspot_Shield Toolbar> in the current context!
Error: Unable to interpret <"HotspotShield" = Hotspot Shield 2.24> in the current context!
Error: Unable to interpret <"HyperCam 2" = HyperCam 2> in the current context!
Error: Unable to interpret <"ICQToolbar" = ICQ Toolbar> in the current context!
Error: Unable to interpret <"InstallShield_{213C78C9-8CDC-48B5-89AC-94D161533C3C}" = Command Center for Mobiles> in the current context!
Error: Unable to interpret <"InstallShield_{996538DE-DAB2-4B77-9BF4-9C1A6F0D7F42}" = OSD Utility> in the current context!
Error: Unable to interpret <"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio> in the current context!
Error: Unable to interpret <"Intelli-studio" = SAMSUNG Intelli-studio> in the current context!
Error: Unable to interpret <"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile> in the current context!
Error: Unable to interpret <"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack> in the current context!
Error: Unable to interpret <"NVIDIA Display Control Panel" = NVIDIA Display Control Panel> in the current context!
Error: Unable to interpret <"NVIDIA Drivers" = NVIDIA Drivers> in the current context!
Error: Unable to interpret <"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver> in the current context!
Error: Unable to interpret <"ObjectDock" = ObjectDock> in the current context!
Error: Unable to interpret <"PhotoScape" = PhotoScape> in the current context!
Error: Unable to interpret <"Picasa 3" = Picasa 3> in the current context!
Error: Unable to interpret <"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software> in the current context!
Error: Unable to interpret <"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set> in the current context!
Error: Unable to interpret <"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software> in the current context!
Error: Unable to interpret <"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software> in the current context!
Error: Unable to interpret <"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software> in the current context!
Error: Unable to interpret <"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software> in the current context!
Error: Unable to interpret <"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software> in the current context!
Error: Unable to interpret <"SynTPDeinstKey" = Synaptics Pointing Device Driver> in the current context!
Error: Unable to interpret <"SystemRequirementsLab" = System Requirements Lab> in the current context!
Error: Unable to interpret <"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2> in the current context!
Error: Unable to interpret <"Uninstall_is1" = Uninstall 1.0.0.1> in the current context!
Error: Unable to interpret <"VLC media player" = VLC media player 1.0.1> in the current context!
Error: Unable to interpret <"WinLiveSuite_Wave3" = Windows Live Essentials> in the current context!
Error: Unable to interpret <"WinRAR archiver" = WinRAR> in the current context!
Error: Unable to interpret <"Worms 2" = Worms 2> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== HKEY_CURRENT_USER Uninstall List ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]> in the current context!
Error: Unable to interpret <"6e94869c75b57080" = AuroraLightsFX> in the current context!
Error: Unable to interpret <"f031ef6ac137efc5" = Dell Driver Download Manager> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Last 10 Event Log Errors ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >
         
--- --- ---
> in the current context!

OTL by OldTimer - Version 3.2.36.3 log created on 03132012_215108

14.03.2012, 13:58   #24
markusg
/// Malware-holic

No, just read the last script again; nobody said you should paste in the log file, but rather the script I created....
It actually says so quite clearly...
Hi

This script and any scripts that follow are intended only for the respective user.
If you have problems, open your own topics and wait for scripts adapted to you.


• Please start OTL.exe.
• Now copy the following into the text box.



Code:
:OTL

:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]



• Now please close all programs.
• Now please click the Fix button.
• OTL may request a restart. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.

14.03.2012, 15:20   #25
Phi1ipp

Sorry, it should be right now:

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: ***
->Flash cache emptied: 0 bytes

User: ***
->Flash cache emptied: 0 bytes

User: ***
->Flash cache emptied: 0 bytes

User: Public

User: xxx
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: xxx
->Temp folder emptied: 32926 bytes
->Temporary Internet Files folder emptied: 64175 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 6556603 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 85399122 bytes
RecycleBin emptied: 5474073 bytes

Total Files Cleaned = 93,00 mb


OTL by OldTimer - Version 3.2.36.3 log created on 03142012_151307

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

14.03.2012, 19:02   #26
markusg
/// Malware-holic

Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Please download Combofix.exe and be sure to save it on your desktop.
  • Visit the following page for download links and instructions for this
    tool

    A guide and tutorial on using ComboFix
  • Note:
    Make sure that all your antivirus and anti-malware programs are switched off so that they do not interfere with Combofix while it works.
  • Please post C:\Combofix.txt in your next reply.

14.03.2012, 19:13   #27
Phi1ipp

Thanks, I'll do that right away.

Edited by Phi1ipp (14.03.2012 at 19:47)

14.03.2012, 20:25   #28
Phi1ipp

Combofix:
Combofix Logfile:
Code:
ComboFix 12-03-14.01 - xxx 14.03.2012  19:58:09.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.2046.1310 [GMT 1:00]
ausgeführt von:: c:\users\xxx\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Mozilla Firefox\components\AskHPRFF.js
c:\windows\IsUn0407.exe
c:\windows\system32\odbcad32.exe
c:\windows\system32\reg.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-14 bis 2012-03-14  ))))))))))))))))))))))))))))))
.
.
2012-03-14 19:17 . 2012-03-14 19:18	--------	d-----w-	c:\users\xxx\AppData\Local\temp
2012-03-14 19:17 . 2012-03-14 19:17	--------	d-----w-	c:\users\Ma und Pa\AppData\Local\temp
2012-03-14 19:17 . 2012-03-14 19:17	--------	d-----w-	c:\users\Julsche\AppData\Local\temp
2012-03-14 19:17 . 2012-03-14 19:17	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2012-03-14 19:17 . 2012-03-14 19:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-03-14 18:49 . 2012-03-14 18:49	--------	d-----w-	c:\users\xxx\AppData\Local\Babylon
2012-03-14 18:49 . 2012-03-14 18:49	--------	d-----w-	c:\users\xxx\AppData\Roaming\Babylon
2012-03-14 18:49 . 2012-03-14 18:49	--------	d-----w-	c:\programdata\Babylon
2012-03-14 17:45 . 2012-02-08 06:03	6552120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{110AF259-6569-4B7B-843B-A7C0A3EDA297}\mpengine.dll
2012-03-13 20:49 . 2012-03-13 20:49	--------	d-----w-	C:\_OTL
2012-03-13 19:19 . 2012-01-09 15:54	613376	----a-w-	c:\windows\system32\rdpencom.dll
2012-03-13 19:19 . 2012-01-09 13:58	180736	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-11 15:15 . 2012-03-11 15:15	--------	d-----w-	c:\users\xxx\AppData\Roaming\Malwarebytes
2012-03-11 15:15 . 2012-03-11 15:15	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-11 15:15 . 2011-12-10 14:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-11 15:15 . 2012-03-11 15:15	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-04 13:05 . 2011-05-13 18:36	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-03 08:24	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-02-15 17:57 . 2011-10-15 17:33	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-05-20 177464]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHots.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
2009-12-31 10:53	2349080	----a-w-	c:\program files\Hotspot_Shield\tbHots.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50	1197448	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-05-20 12:36	1258808	----a-w-	c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-05-20 1258808]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHots.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-05-20 1258808]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}"= "c:\program files\Hotspot_Shield\tbHots.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"AlienFusion Controller"="c:\program files\Alienware\Command Center\AlienFusionController.exe" [2008-03-05 12800]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2008-03-05 84480]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-06-12 174872]
"Keyboard OSD Utility"="c:\program files\Keyboard Manager\OSD Utility\OSDManager.exe" [2007-12-04 3813376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-08-26 111928]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-8-6 3450608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-5-18 727856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-01 20:57]
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-01 20:57]
.
2012-03-14 c:\windows\Tasks\User_Feed_Synchronization-{5FB9A50B-8E03-42E1-96E8-A6D7436F1A6A}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-ICQ - ~c:\program files\ICQ7.0\ICQ.exe
HKLM-Run-NPSStartup - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-03-14 20:18
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-03-14  20:23:05
ComboFix-quarantined-files.txt  2012-03-14 19:22
.
Vor Suchlauf: 18 Verzeichnis(se), 127.988.383.744 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 129.923.424.256 Bytes frei
.
- - End Of File - - 80AFE677C0E3B4C014A4A8D7A2CD21A9
         

14.03.2012, 20:26   #29
markusg
/// Malware-holic

Are there still any detection alerts?

14.03.2012, 20:31   #30
Phi1ipp

Well, there are still detection alerts in AntiVir's quarantine..

But otherwise no new alerts are showing up anymore.
