Windows 7 mit GVU 2.07

t'john · 28.07.2012, 14:32

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:

Code:

ATTFilter

:OTL

MOD - [2012.07.26 11:24:11 | 000,222,120 | ---- | M] () -- C:\Users\touran\AppData\Local\Temp\rty0_7z.exe 
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox 
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7 
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} 
IE - HKLM\..\URLSearchHook: {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - SOFTWARE\Classes\CLSID\{48405d3d-2674-4cd8-b1ef-9a719443bd3f}\InprocServer32 File not found 
IE - HKLM\..\URLSearchHook: {8c925777-22df-4587-86f7-7ddd6d2ad1eb} - C:\Program Files (x86)\radio_de\prxtbradi.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Program Files (x86)\Suche_Deutschland\tbSuc1.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {fe0383f0-af43-4832-a481-0555470194d1} - SOFTWARE\Classes\CLSID\{fe0383f0-af43-4832-a481-0555470194d1}\InprocServer32 File not found 
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox 
IE - HKLM\..\SearchScopes\{5BFE8C19-77F1-4E08-9CB2-B03C51A8E9A7}: "URL" = http://downloads.phpnuke.org/de/index.php?rvs=hompag 
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncodin g}&oe={outputEncoding}&rlz=1I7ASUT 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7 
IE - HKLM\..\SearchScopes\{8C212CF2-7194-4FD3-87FF-75A3C0737546}: "URL" = http://downloads.phpnuke.org/de/index.php?rvs=hompag 
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} 
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2303923 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\URLSearchHook: {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - SOFTWARE\Classes\CLSID\{48405d3d-2674-4cd8-b1ef-9a719443bd3f}\InprocServer32 File not found 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\URLSearchHook: {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Program Files (x86)\Suche_Deutschland\tbSuc1.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\URLSearchHook: {fe0383f0-af43-4832-a481-0555470194d1} - SOFTWARE\Classes\CLSID\{fe0383f0-af43-4832-a481-0555470194d1}\InprocServer32 File not found 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=LMW2&o=16050&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=OF&apn_dtid=VIN009Y YDE&apn_uid=78EA5E28-326D-4606-B1CF-F13024F64027&apn_sauid=8AE93DAC-ED95-4E26-B104-706D53EEDA8B 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{5BFE8C19-77F1-4E08-9CB2-B03C51A8E9A7}: "URL" = http://downloads.phpnuke.org/de/index.php?rvs=hompag 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncodin g}&oe={outputEncoding}&rlz=1I7ASUT 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{8C212CF2-7194-4FD3-87FF-75A3C0737546}: "URL" = http://downloads.phpnuke.org/de/index.php?rvs=hompag 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=2&sr=0&q={searchTerms} 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\SearchScopes\{C5CB8DCA-1352-4C5C-8F47-3C21D7CCE375}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1147646 
IE - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.startup.homepage: "http://search.bearshare.com" 
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&sr=0&q=" 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found 
[2011.04.30 06:46:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\touran\AppData\Roaming\mozilla\Extensions 
[2011.04.30 06:46:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\touran\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org 
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found 
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll File not found 
O2 - BHO: (Discover USA Toolbar) - {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - C:\Program Files (x86)\Search_USA\prxtbSea0.dll File not found 
O2 - BHO: (radio de Toolbar) - {8c925777-22df-4587-86f7-7ddd6d2ad1eb} - C:\Program Files (x86)\radio_de\prxtbradi.dll (Conduit Ltd.) 
O2 - BHO: (Suche Deutschland Toolbar) - {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Program Files (x86)\Suche_Deutschland\tbSuc1.dll (Conduit Ltd.) 
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll File not found 
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found 
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.) 
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll File not found 
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found 
O2 - BHO: (DEUTSCHLAND version Toolbar) - {fe0383f0-af43-4832-a481-0555470194d1} - C:\Program Files (x86)\DEUTSCHLAND_version\prxtbDEUT.dll File not found 
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found 
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Deutschland Radio Toolbar) - {2069a8c8-fad1-424b-b76c-d7f33d77dc4c} - C:\Program Files (x86)\Deutschland_Radio\tbDeut.dll File not found 
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found 
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll File not found 
O3 - HKLM\..\Toolbar: (Discover USA Toolbar) - {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - C:\Program Files (x86)\Search_USA\prxtbSea0.dll File not found 
O3 - HKLM\..\Toolbar: (radio de Toolbar) - {8c925777-22df-4587-86f7-7ddd6d2ad1eb} - C:\Program Files (x86)\radio_de\prxtbradi.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll File not found 
O3 - HKLM\..\Toolbar: (Suche Deutschland Toolbar) - {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Program Files (x86)\Suche_Deutschland\tbSuc1.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found 
O3 - HKLM\..\Toolbar: (DEUTSCHLAND version Toolbar) - {fe0383f0-af43-4832-a481-0555470194d1} - C:\Program Files (x86)\DEUTSCHLAND_version\prxtbDEUT.dll File not found 
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Deutschland Radio Toolbar) - {2069A8C8-FAD1-424B-B76C-D7F33D77DC4C} - C:\Program Files (x86)\Deutschland_Radio\tbDeut.dll File not found 
O3:64bit: - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll File not found 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll File not found 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Discover USA Toolbar) - {48405D3D-2674-4CD8-B1EF-9A719443BD3F} - C:\Program Files (x86)\Search_USA\prxtbSea0.dll File not found 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (radio de Toolbar) - {8C925777-22DF-4587-86F7-7DDD6D2AD1EB} - C:\Program Files (x86)\radio_de\prxtbradi.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (Suche Deutschland Toolbar) - {937F343C-C9C2-4235-B544-7FC4DA2F2594} - C:\Program Files (x86)\Suche_Deutschland\tbSuc1.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP0.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found 
O3 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\..\Toolbar\WebBrowser: (DEUTSCHLAND version Toolbar) - {FE0383F0-AF43-4832-A481-0555470194D1} - C:\Program Files (x86)\DEUTSCHLAND_version\prxtbDEUT.dll File not found 

O4 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler File not found 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 
O7 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16 
O7 - HKU\S-1-5-21-1157160496-1306487556-184762800-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll File not found 
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found 
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll File not found 
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found 
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found 
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found 
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{1cc67dec-cb1c-11e0-be56-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{1cc67dec-cb1c-11e0-be56-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{1cc67def-cb1c-11e0-be56-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{1cc67def-cb1c-11e0-be56-485b399c40dd}\Shell\AutoRun\command - "" = H:\AutoRun.exe 
O33 - MountPoints2\{1d2f2070-008a-11e1-be20-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{1d2f2070-008a-11e1-be20-485b399c40dd}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{40cc190d-06cf-11e1-a637-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{40cc190d-06cf-11e1-a637-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{5323a049-f8ba-11e0-b448-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{5323a049-f8ba-11e0-b448-485b399c40dd}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{5323a04c-f8ba-11e0-b448-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{5323a04c-f8ba-11e0-b448-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{5d69f865-c822-11e0-aae2-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{5d69f865-c822-11e0-aae2-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{5d69f869-c822-11e0-aae2-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{5d69f869-c822-11e0-aae2-485b399c40dd}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{5d69f87d-c822-11e0-aae2-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{5d69f87d-c822-11e0-aae2-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{625c6797-c179-11e1-8e7a-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{625c6797-c179-11e1-8e7a-485b399c40dd}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe 
O33 - MountPoints2\{99e55ee7-cf31-11e0-b80f-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{99e55ee7-cf31-11e0-b80f-485b399c40dd}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{99e55eea-cf31-11e0-b80f-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{99e55eea-cf31-11e0-b80f-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a5e28d84-e881-11e0-89b8-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{a5e28d84-e881-11e0-89b8-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a5e28d87-e881-11e0-89b8-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{a5e28d87-e881-11e0-89b8-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a5e28db3-e881-11e0-89b8-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{a5e28db3-e881-11e0-89b8-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{a5e28db5-e881-11e0-89b8-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{a5e28db5-e881-11e0-89b8-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{c757008c-4530-11e1-9f53-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{c757008c-4530-11e1-9f53-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{d6cc960f-8a42-11e1-b533-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{d6cc960f-8a42-11e1-b533-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{d6cc9611-8a42-11e1-b533-485b399c40dd}\Shell - "" = AutoRun 
O33 - MountPoints2\{d6cc9611-8a42-11e1-b533-485b399c40dd}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\F\Shell - "" = AutoRun 
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\G\Shell - "" = AutoRun 
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe 

[2012.07.24 11:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\61C3 
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] 
[2012.07.27 20:31:43 | 004,503,728 | ---- | M] () -- C:\ProgramData\z7_0ytr.pad 
[[2012.07.26 11:24:12 | 000,001,883 | ---- | M] () -- C:\Users\touran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk 

 
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:981884E7 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Windows 7 mit GVU 2.07

Plagegeister aller Art und deren Bekämpfung: Windows 7 mit GVU 2.07

Windows 7 mit GVU 2.07

Ähnliche Themen: Windows 7 mit GVU 2.07