8000000cb.@

t'john · 24.08.2012, 21:19

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:

Ersetze die *** Sternchen wieder in den Benutzernamen zurück!

Code:

ATTFilter

:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-2522849197-3813269152-386840603-1000\..\SearchScopes,DefaultScope = {A8061948-BE64-4AD0-B549-6EE497484C23} 
IE - HKU\S-1-5-21-2522849197-3813269152-386840603-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\S-1-5-21-2522849197-3813269152-386840603-1000\..\SearchScopes\{A8061948-BE64-4AD0-B549-6EE497484C23}: "URL" = http://www.google.de/search?q={searchTerms} 
IE - HKU\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.startup.homepage: "http://asus.msn.com/" 
FF - prefs.js..network.proxy.type: 0 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found 
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKU\S-1-5-21-2522849197-3813269152-386840603-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O4 - HKU\S-1-5-21-2522849197-3813269152-386840603-1000..\Run: [LicenseValidator] C:\Users\*** ***\AppData\Roaming\Identities\{99131863-2475-4CCB-A030-E7103529DCEF}\LicenseValidator.exe () 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found 
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found 
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found 
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found 
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{055cc081-cf97-11df-812e-e0cb4e2453ab}\Shell - "" = AutoRun 
O33 - MountPoints2\{055cc081-cf97-11df-812e-e0cb4e2453ab}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence 

[2012/08/22 21:43:05 | 000,247,655 | ---- | M] () -- C:\Users\*** ***\AppData\Roaming\Identities\{99131863-2475-4CCB-A030-E7103529DCEF}\LicenseValidator.exe 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60 
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A 
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4CF61E54 
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F 

[2012/08/24 15:33:00 | 000,000,000 | ---D | C] -- C:\Users\*** ***\AppData\Local\{6F2F9469-C615-4E5A-A3B6-71DBF14CB18E} 
[2012/08/21 20:45:29 | 000,000,000 | ---D | C] -- C:\Users\*** ***\AppData\Local\{E11AB340-EDFF-487A-A8DC-3C69A2CFF082} 
[2012/08/21 19:45:46 | 000,023,552 | ---- | C] () -- C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\800000cb.@ 
[2012/08/21 19:45:46 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\80000000.@ 
[2012/08/20 16:58:16 | 000,001,712 | ---- | C] () -- C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\00000001.@ 
[2012/01/11 11:04:49 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\@ 
[2012/01/11 11:04:49 | 000,002,048 | -HS- | C] () -- C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359}\@ 

[2010/07/27 16:37:48 | 000,000,000 | -HSD | M] -- C:\Users\*** ***\AppData\Roaming\.# 

:Files
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\
C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359}\


C:\Users\*** ***\AppData\Local\{*}
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\*** ***\AppData\Local\Temp\*.exe
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

umwelt · 24.08.2012, 21:40

Habe ich gemacht, noch nen paar anmerkungen:

-> schöner nebeneffekt...auf einmal braucht mein laptop nur noch ein drittel der zeit um hochzufahren

-> avira ist nach dem hochfahren sofort wieder aktiv gewesen und hat das hier gefunden: LicenseValidator TR/Gataka.D.70 ... soll das in Quarantäne?

-> hier ist der code:

Code:

ATTFilter

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKEY_USERS\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A8061948-BE64-4AD0-B549-6EE497484C23}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8061948-BE64-4AD0-B549-6EE497484C23}\ not found.
HKU\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "hxxp://asus.msn.com/" removed from browser.startup.homepage
Prefs.js: 0 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2522849197-3813269152-386840603-1000\Software\Microsoft\Windows\CurrentVersion\Run\\LicenseValidator deleted successfully.
C:\Users\*** ***\AppData\Roaming\Identities\{99131863-2475-4CCB-A030-E7103529DCEF}\LicenseValidator.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{055cc081-cf97-11df-812e-e0cb4e2453ab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055cc081-cf97-11df-812e-e0cb4e2453ab}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{055cc081-cf97-11df-812e-e0cb4e2453ab}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055cc081-cf97-11df-812e-e0cb4e2453ab}\ not found.
File F:\setup_vmc_lite.exe /checkApplicationPresence not found.
File C:\Users\*** ***\AppData\Roaming\Identities\{99131863-2475-4CCB-A030-E7103529DCEF}\LicenseValidator.exe not found.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:15024E60 deleted successfully.
ADS C:\ProgramData\Temp:734E442A deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:B88E99C8 deleted successfully.
ADS C:\ProgramData\Temp:A724744F deleted successfully.
C:\Users\*** ***\AppData\Local\{6F2F9469-C615-4E5A-A3B6-71DBF14CB18E} folder moved successfully.
C:\Users\*** ***\AppData\Local\{E11AB340-EDFF-487A-A8DC-3C69A2CFF082} folder moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\800000cb.@ moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\80000000.@ moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U\00000001.@ moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\@ moved successfully.
C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359}\@ moved successfully.
C:\Users\*** ***\AppData\Roaming\.# folder moved successfully.
========== FILES ==========
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U folder moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359}\L folder moved successfully.
C:\Windows\Installer\{c604f487-fb6f-9d3d-8015-262ef1f61359} folder moved successfully.
C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359}\U folder moved successfully.
C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359}\L folder moved successfully.
C:\Users\*** ***\AppData\Local\{c604f487-fb6f-9d3d-8015-262ef1f61359} folder moved successfully.
C:\Users\*** ***\AppData\Local\{00208F78-0A08-428F-9C67-321EB52FA368} folder moved successfully.
C:\Users\*** ***\AppData\Local\{03F1EBC3-381F-48C0-AEFE-98B26DBDD56F} folder moved successfully.
C:\Users\*** ***\AppData\Local\{05A957B8-8786-4B4B-9F1F-5E3D99200121} folder moved successfully.
C:\Users\*** ***\AppData\Local\{09D35D5F-BB0A-4000-BE44-00D7F7C94F8A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{0CE02758-6CF0-4B57-AC91-5F98748B4D09} folder moved successfully.
C:\Users\*** ***\AppData\Local\{0D9F9262-64A5-43F8-8D94-165858E4F44C} folder moved successfully.
C:\Users\*** ***\AppData\Local\{12B8990D-71B1-4025-877F-65E025ED60CC} folder moved successfully.
C:\Users\*** ***\AppData\Local\{17323152-9018-496A-BEFA-FD031B412298} folder moved successfully.
C:\Users\*** ***\AppData\Local\{17BADC17-FFC0-4A68-B445-B8F47D0643BB} folder moved successfully.
C:\Users\*** ***\AppData\Local\{19263F0D-B7AA-4C57-BEB9-7C7C07CE6D56} folder moved successfully.
C:\Users\*** ***\AppData\Local\{198950CE-B565-4AF3-A5CC-0B9775BDA3D5} folder moved successfully.
C:\Users\*** ***\AppData\Local\{19B7E976-F8E6-454B-915D-3B18F8C12744} folder moved successfully.
C:\Users\*** ***\AppData\Local\{19F30864-F623-4612-8C76-1B3A814F6F49} folder moved successfully.
C:\Users\*** ***\AppData\Local\{1BAA6741-F4A1-4058-92D0-528F3B59535E} folder moved successfully.
C:\Users\*** ***\AppData\Local\{1F7946C5-3F52-4C8A-B4AF-7B6D5457AD48} folder moved successfully.
C:\Users\*** ***\AppData\Local\{1F7F4400-5123-46A9-9C94-BCD7FC242A02} folder moved successfully.
C:\Users\*** ***\AppData\Local\{1F854507-3003-4CA7-8E74-CD27204D25E1} folder moved successfully.
C:\Users\*** ***\AppData\Local\{20FD558E-B9F0-4925-A35B-F3C30824B21E} folder moved successfully.
C:\Users\*** ***\AppData\Local\{29C0EE46-3AA8-42B5-8A83-43163AF9112E} folder moved successfully.
C:\Users\*** ***\AppData\Local\{2CA9EB1F-1B0F-40D3-B8CB-811C4A297C88} folder moved successfully.
C:\Users\*** ***\AppData\Local\{2F0F3595-A406-4865-B5C3-CB4087474718} folder moved successfully.
C:\Users\*** ***\AppData\Local\{32DAAEFC-BACD-4628-8EF5-E97AACD6C92A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{3533F20E-3329-46DD-891F-144069858DE6} folder moved successfully.
C:\Users\*** ***\AppData\Local\{35855F3B-034B-4F01-A866-8954FCFACFF6} folder moved successfully.
C:\Users\*** ***\AppData\Local\{37283D42-BD6F-4E11-9652-EB0CF6AD79BC} folder moved successfully.
C:\Users\*** ***\AppData\Local\{3C2C91F9-1376-4405-9483-C67A0F9BE532} folder moved successfully.
C:\Users\*** ***\AppData\Local\{4D24AF2C-7407-48DB-92F7-EEEC00735484} folder moved successfully.
C:\Users\*** ***\AppData\Local\{517646EC-FA04-4A4A-9A4F-700BEBD6B857} folder moved successfully.
C:\Users\*** ***\AppData\Local\{526E733B-13C9-440F-90AB-D0CAD5A42F3D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{53A1B9B2-06CC-4CF5-9AFE-EAD7EC977B36} folder moved successfully.
C:\Users\*** ***\AppData\Local\{549451C7-9F7D-4D20-825B-E2CA6D227A67} folder moved successfully.
C:\Users\*** ***\AppData\Local\{5AF2A003-93AF-4C70-B078-E69F1ADBD14D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{5C0A56F4-B572-4C5B-82B6-883F261F4191} folder moved successfully.
C:\Users\*** ***\AppData\Local\{5C9099E6-1F77-4E8D-9304-B7C12FF5DFE7} folder moved successfully.
C:\Users\*** ***\AppData\Local\{5FCF4C0C-7E58-4683-A8D2-D4D7CEA4560A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{6239D0C3-97A3-47E0-BDE9-2A03B026923F} folder moved successfully.
C:\Users\*** ***\AppData\Local\{62C75972-F78C-42B3-A5BC-9BF54D042056} folder moved successfully.
C:\Users\*** ***\AppData\Local\{6590E810-8301-461A-927C-B88203A5A6AD} folder moved successfully.
C:\Users\*** ***\AppData\Local\{66E5DC79-FAB9-45FC-B9E9-F2BB5D0C3F6E} folder moved successfully.
C:\Users\*** ***\AppData\Local\{67001C59-D6BF-4E2E-B787-DFD2D280449F} folder moved successfully.
C:\Users\*** ***\AppData\Local\{67C3C10E-ED8D-4DED-B9F1-AE9F35B70ECF} folder moved successfully.
C:\Users\*** ***\AppData\Local\{6881D76A-6B8D-4D17-A9FE-28E3422B8662} folder moved successfully.
C:\Users\*** ***\AppData\Local\{73B69EAA-A367-4961-B3CC-AE325B848131} folder moved successfully.
C:\Users\*** ***\AppData\Local\{74116172-3822-4E7D-999A-42520A3C6CA0} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7529C15F-43BA-4A56-9BD9-34B316905774} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7868E194-D2E4-43EB-8B13-4A7C49D206B7} folder moved successfully.
C:\Users\*** ***\AppData\Local\{788096C3-ACE2-49E1-8D84-0FD2EBDA65B1} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7B9422F5-8F80-4A25-B37C-3211A90A0BEA} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7F0BEA9B-119A-4F24-B74C-4AE3A21B7B72} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7F8F9FE4-C128-455A-8A6C-648AB629F19D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{7FDD06EC-77B2-441A-98B5-4D6D8B9EE647} folder moved successfully.
C:\Users\*** ***\AppData\Local\{81F18448-CEC2-4286-A25D-AE3F964C6996} folder moved successfully.
C:\Users\*** ***\AppData\Local\{85892BB8-A580-4F28-8EB4-A05A28A807D9} folder moved successfully.
C:\Users\*** ***\AppData\Local\{89297E32-51AE-4861-8042-2D69B8EC2750} folder moved successfully.
C:\Users\*** ***\AppData\Local\{8AAC7018-6B57-4FBC-97DD-E5F2211BA724} folder moved successfully.
C:\Users\*** ***\AppData\Local\{8EF651B6-3A1B-4776-A210-BEABDB5C8312} folder moved successfully.
C:\Users\*** ***\AppData\Local\{8F1EDC9A-B1FE-49F4-9519-09A8D96D20CA} folder moved successfully.
C:\Users\*** ***\AppData\Local\{925F9C88-1C49-4ED1-B610-4991B3F08227} folder moved successfully.
C:\Users\*** ***\AppData\Local\{93EEF0E0-2152-436E-ADFF-4BFF97BD1D5F} folder moved successfully.
C:\Users\*** ***\AppData\Local\{941D0642-B2EF-4547-9EF3-A96A056A49A1} folder moved successfully.
C:\Users\*** ***\AppData\Local\{973A9C94-9E77-43E4-A766-EB1B9A953B41} folder moved successfully.
C:\Users\*** ***\AppData\Local\{9859A472-B60E-4F60-84B1-32803F577780} folder moved successfully.
C:\Users\*** ***\AppData\Local\{993338F8-6079-4CD8-B274-CD32D7647F84} folder moved successfully.
C:\Users\*** ***\AppData\Local\{9A5BF31E-B762-469F-8264-A2DCDA74B605} folder moved successfully.
C:\Users\*** ***\AppData\Local\{9A92C716-D7A9-4E83-B945-8C98487E2C62} folder moved successfully.
C:\Users\*** ***\AppData\Local\{9E811875-AB40-4956-A802-3E4357A94A22} folder moved successfully.
C:\Users\*** ***\AppData\Local\{A489A178-C934-4D28-B621-BA0A8FEDBAC4} folder moved successfully.
C:\Users\*** ***\AppData\Local\{A6F7C4E5-9F3A-444B-BC3E-947A70FF3C94} folder moved successfully.
C:\Users\*** ***\AppData\Local\{AAD6C497-DFC8-4917-ACCC-D371E5102EA1} folder moved successfully.
C:\Users\*** ***\AppData\Local\{AADEF95F-E36B-426E-B7B1-70E7D4F6AA5B} folder moved successfully.
C:\Users\*** ***\AppData\Local\{AB021E86-31CA-403F-9321-AAB540555A3A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{ABF9AAB8-568F-4148-846A-E057C85A292B} folder moved successfully.
C:\Users\*** ***\AppData\Local\{AD3BDB48-369A-418D-B734-43F2C1939793} folder moved successfully.
C:\Users\*** ***\AppData\Local\{AD8DBB1A-4631-42F1-BCF7-DCE6880DAD62} folder moved successfully.
C:\Users\*** ***\AppData\Local\{ADD192B5-9357-49E4-A137-74C6975F3162} folder moved successfully.
C:\Users\*** ***\AppData\Local\{B9F44021-7653-4CCE-9FB2-F9AC09F0737A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{BAA41F9F-A206-4550-829A-A88B362FB0EC} folder moved successfully.
C:\Users\*** ***\AppData\Local\{C0810D1D-14E1-41D2-9EF9-CB5DEC519CD9} folder moved successfully.
C:\Users\*** ***\AppData\Local\{C26F6F41-AC46-4712-B1A9-233007EAC101} folder moved successfully.
C:\Users\*** ***\AppData\Local\{C36C25E5-50F3-4E1F-A926-495E0B4EC34D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{C6D9BB5B-4124-4FCA-B7F1-0472E6EE5012} folder moved successfully.
C:\Users\*** ***\AppData\Local\{C870E324-6B68-4263-8E73-B1BA2C4FACDC} folder moved successfully.
C:\Users\*** ***\AppData\Local\{CA81A93F-71BC-4F90-A0EE-7480887591EB} folder moved successfully.
C:\Users\*** ***\AppData\Local\{CBFCB1A2-EC2E-43BF-9909-2830953DBE12} folder moved successfully.
C:\Users\*** ***\AppData\Local\{D14AEB1F-6373-4288-A565-113EAA1EEB2C} folder moved successfully.
C:\Users\*** ***\AppData\Local\{D5F275ED-C139-439F-8665-FAE753534DD9} folder moved successfully.
C:\Users\*** ***\AppData\Local\{DA17E795-D48D-425B-BAC6-E21048DF9000} folder moved successfully.
C:\Users\*** ***\AppData\Local\{DC1481E5-7C3D-465A-8F7D-AC5341971632} folder moved successfully.
C:\Users\*** ***\AppData\Local\{DD56AD57-D8A5-4B17-99AC-66B8A43D0193} folder moved successfully.
C:\Users\*** ***\AppData\Local\{E16E49AA-0241-4C15-AA60-BA760B92071A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{E947CC3D-597F-4DDF-9A4A-CBD096DC49FC} folder moved successfully.
C:\Users\*** ***\AppData\Local\{EAC34A36-1AF5-469E-9516-B13CA070F5ED} folder moved successfully.
C:\Users\*** ***\AppData\Local\{EB18B5BE-4F69-4B19-9186-AF8056C5FF13} folder moved successfully.
C:\Users\*** ***\AppData\Local\{EB826020-91A7-48D0-9005-919095F4234D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F07190B7-517F-45A4-A0E5-D408B07B3375} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F335F79E-0271-4818-81C6-8E58B080D6AD} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F4FCDBD9-283A-4A26-BAD7-A142056BEF4A} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F73F469C-C8A4-4C7B-A9B4-401487947E62} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F831EF2D-87C9-49DA-AF5A-CFD19A55E71B} folder moved successfully.
C:\Users\*** ***\AppData\Local\{F8E76D44-F6CA-481C-BA1C-F843EFC7834D} folder moved successfully.
C:\Users\*** ***\AppData\Local\{FC662F66-45F1-484E-80DC-CC640F14807F} folder moved successfully.
C:\Users\*** ***\AppData\Local\{FD8A13BF-CBEE-4C36-A016-B9BE98F2D9A7} folder moved successfully.
C:\Users\*** ***\AppData\Local\{FED4C9B1-912B-4834-8D23-134F275258EE} folder moved successfully.
C:\ProgramData\FullRemove.exe moved successfully.
C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243} folder moved successfully.
C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41} folder moved successfully.
C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658} folder moved successfully.
C:\ProgramData\Temp folder moved successfully.
File\Folder C:\Users\*** ***\AppData\Local\Temp\*.exe not found.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\splash folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\*** ***\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\*** ***\Desktop\cmd.bat deleted successfully.
C:\Users\*** ***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: *** ***
->Temp folder emptied: 970526871 bytes
->Temporary Internet Files folder emptied: 6257820 bytes
->FireFox cache emptied: 90027083 bytes
->Flash cache emptied: 529 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 97938 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 5889568 bytes
RecycleBin emptied: 1613800804 bytes
 
Total Files Cleaned = 2,562.00 mb
 
 
OTL by OldTimer - Version 3.2.58.1 log created on 08242012_222603

Files\Folders moved on Reboot...
File\Folder C:\Users\*** ***\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\IGRV4RBU\ame=0&screen_res=182&ac=0&tz=2&tagid=ambient&owner=&specialtype=&adsize=&params[1].styles=&tile=654642546329543459338531750548&transactionID=654642546329543459338531750548 not found!
C:\Users\*** ***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF1401AB2200E7147A.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF586A3D27ABF1F9C5.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF7063E24F75D1BACD.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF8096B0B857F1FF7F.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF8CF7357B1D4C8C44.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DF98A3F0A4D745554C.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DFDAACE236A55A1245.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~DFF90737956C78C917.TMP not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~LC36AA.tmp not found!
File\Folder C:\Users\*** ***\AppData\Local\Temp\~LM390C.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

t'john · 24.08.2012, 23:02

Sehr gut!

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

umwelt · 24.08.2012, 23:21

vielen dank, werde das alles nach einem pc freien wochenende am montag umsetzen und logs posten!

t'john · 24.08.2012, 23:22

Alles klar

umwelt · 26.08.2012, 22:59

1. Schritt:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.26.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
*** :: *** [Administrator]

26.08.2012 21:59:20
mbam-log-2012-08-26 (21-59-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 395129
Laufzeit: 1 Stunde(n), 53 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|LicenseValidator (Trojan.Proxy) -> Daten: C:\Users\*** ***\AppData\Roaming\Identities\{31D2478F-C344-43A5-8843-B4F8FE9FB2EB}\LicenseValidator.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

PS: auch avira hat den fund gefunden^^

2. Schritt:

ich habe nur die log datei kopiert, aber nicht auf "delete" geklickt.

Code:

ATTFilter

# AdwCleaner v1.801 - Logfile created 08/27/2012 at 00:07:38
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : *** *** 
# Boot Mode : Normal
# Running from : C:\Users *** *** \Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\*** ***\AppData\Roaming\Mozilla\Firefox\Profiles\q47jcatb.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [899 octets] - [27/08/2012 00:07:38]

########## EOF - C:\AdwCleaner[R1].txt - [1026 octets] ##########

Erwähnen will ich noch, dass mich firefox vor einem add on gewarnt hat...wusste aber nicht, ob ich es deaktivieren sollte oder nicht.

t'john · 27.08.2012, 00:53

Malware mit Combofix beseitigen

Lade Combofix von einem der folgenden Download-Spiegel herunter:

BleepingComputer.com - ForoSpyware.com

und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig!
Beachte die ausführliche Original-Anleitung.

Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:

Windows XP (nur 32-bit)
Windows Vista (32-bit/64-bit)
Windows 7 (32-bit/64-bit)

Vorbereitung und wichtige Hinweise

Bitte während des Scans mit Combofix Antiviren- sowie Antispy-Programme, die Firewall und evtl. vorhandenes Skript-Blocking (Norton) deaktivieren.
Liste der zu deaktivierenden Programme.
Bei Unklarheiten bitte fragen.

ComboFix wird Deine Einstellungen in Bezug auf den Bildschirmschoner zurücksetzen.
Diese Einstellungen kannst Du nach Beendigung unserer Bereinigung wieder ändern.
Mache nichts anderes, wenn es Dir nicht gelungen ist, Combofix laufen zu lassen.
Teile uns das mit und warte auf unsere Anweisungen.

Starte die Combofix.exe mit Rechtsklick => Als Administrator ausführen und folge den Anweisungen.
Während des Laufs von Combofix nichts anderes am Computer machen!
Akzeptiere die Bedingungen (Disclaimer) mit "Ja".

Sollte Combofix eine aktuellere Version anbieten, Downlaod erlauben.
Klicke "Ja", um mit dem Suchlauf nach Malware fortzufahren.
Es erscheint eine blaue Eingabeaufforderung, Combofix wird für den Suchlauf vorbereitet.
Bitte nicht in dieses Combofix-Fenster klicken.
Das könnte Dein System einfrieren oder hängen bleiben lassen.
Es wird ein Backup Deiner Registry erstellt.
Nun werden die einzelnen Stufen des Programms abgearbeitet, das kann eine Weile dauern.

Wenn ComboFix fertig ist, wird es ein Log erstellen (bitte warten, das dauert einen Moment).
Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
Bitte poste die Log-Dateien C:\ComboFix.txt und C:\Qoobox\Add-Remove Programs.txt in Code-Tags hier in den Thread.

Hinweis: Combofix macht aus verschiedenen Gründen den Internet Explorer zum Standard-Browser und erstellt ein IE-Icon auf dem Desktop.
Das IE-Desktop-Icon kannst Du nach der Bereinigung wieder löschen und Deinen bevorzugten Browser wieder als Standard-Browser einstellen.

Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen!

umwelt · 27.08.2012, 19:10

Jetzt kann ich auch mein Wartungscenter wieder öffnen. Ich habe auch die Windows Firewall und Avira wieder aktiviert, nachdem ComboFix fertig war.

Code:

ATTFilter

ComboFix 12-08-25.04 - *** *** 27.08.2012  19:12:59.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3327.1908 [GMT 2:00]
ausgeführt von:: c:\users\*** ***\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\autorun.inf
c:\program files (x86)\driver
c:\program files (x86)\driver\Jeilin\Setup.exe
c:\program files (x86)\driver\Mars\SETUP.EXE
c:\program files (x86)\Setup.exe
c:\users\*** ***\AppData\Roaming\Help\coredb\storage
c:\windows\msvcr71.dll
c:\windows\SysWow64\FlashPlayerInstaller.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-27 bis 2012-08-27  ))))))))))))))))))))))))))))))
.
.
2012-08-27 17:29 . 2012-08-27 17:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-08-24 20:26 . 2012-08-24 20:26	--------	d-----w-	C:\_OTL
2012-08-21 16:26 . 2012-08-21 16:26	--------	d-----w-	c:\users\*** ***\AppData\Roaming\Malwarebytes
2012-08-21 16:26 . 2012-08-21 16:26	--------	d-----w-	c:\programdata\Malwarebytes
2012-08-21 16:26 . 2012-08-21 16:29	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-21 16:26 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-20 15:04 . 2012-08-20 15:04	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-08-20 14:57 . 2012-08-20 14:57	--------	d-----w-	c:\users\*** ***\AppData\Roaming\Microsoft Corporation
2012-08-16 20:25 . 2012-08-16 20:25	--------	d-----w-	c:\users\*** ***\AppData\Roaming\Dropbox
2012-08-14 16:04 . 2012-08-14 16:04	--------	d-----w-	c:\users\*** ***\AppData\Roaming\Windows Search
2012-08-13 16:38 . 2012-08-13 16:38	--------	d-----w-	c:\users\*** ***\AppData\Roaming\TeamViewer
2012-07-30 18:24 . 2012-07-30 18:24	770384	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-07-30 18:24 . 2012-07-30 18:24	421200	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-07-29 08:49 . 2012-08-01 20:01	--------	d-----w-	c:\users\*** ***\AppData\Roaming\Skype
2012-07-29 08:48 . 2012-07-29 08:49	--------	d-----r-	c:\program files (x86)\Skype
2012-07-29 08:48 . 2012-07-29 08:48	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-07-29 08:48 . 2012-07-29 08:49	--------	d-----w-	c:\programdata\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-27 15:45 . 2009-12-26 17:06	45056	----a-w-	c:\windows\system32\acovcnt.exe
2012-08-21 15:34 . 2009-07-13 23:19	328704	----a-w-	c:\windows\system32\services.exe
2012-08-15 20:07 . 2009-12-24 21:08	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-07-31 20:39 . 2012-04-04 17:26	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-31 20:39 . 2011-05-19 20:20	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-21 20:45 . 2011-03-28 16:36	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-09 05:30 . 2012-07-11 04:38	14165504	----a-w-	c:\windows\system32\shell32.dll
2012-06-06 06:49 . 2012-06-06 06:49	1070152	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 05:50 . 2012-07-11 04:38	2003968	----a-w-	c:\windows\system32\msxml6.dll
2012-06-06 05:50 . 2012-07-11 04:38	1880064	----a-w-	c:\windows\system32\msxml3.dll
2012-06-06 05:09 . 2012-07-11 04:38	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-06-06 05:09 . 2012-07-11 04:38	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-06-02 22:19 . 2012-06-21 12:34	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 12:34	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 12:34	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 12:34	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 12:34	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 12:34	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 12:34	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 12:33	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 12:33	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 05:38 . 2012-07-11 04:38	95088	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:38 . 2012-07-11 04:38	152432	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:37 . 2012-07-11 04:38	459216	----a-w-	c:\windows\system32\drivers\cng.sys
2012-06-02 05:27 . 2012-07-11 04:38	340992	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 05:27 . 2012-07-11 04:38	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-06-02 04:48 . 2012-07-11 04:38	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-06-02 04:48 . 2012-07-11 04:38	225280	----a-w-	c:\windows\SysWow64\schannel.dll
2012-06-02 04:47 . 2012-07-11 04:38	219136	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:42 . 2012-07-11 04:38	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-11-04 90112]
"UIExec"="c:\program files (x86)\Join Air\UIExec.exe" [2009-08-31 132608]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-04-20 2327552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-12-16 220744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\*** ***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft SharePoint Workspace.lnk - c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2009-11-29 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Join Air\AssistantServices.exe [2009-08-31 241664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-04-09 11776]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-03 113120]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2009-04-09 167424]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2009-04-09 150784]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files (x86)\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\*** ***\AppData\Roaming\Mozilla\Firefox\Profiles\q47jcatb.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
HKLM-Run-EeeStorageBackup - c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,65,f8,b2,a3,3e,14,43,87,fd,08,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,65,f8,b2,a3,3e,14,43,87,fd,08,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\AsScrPro.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-08-27  20:01:24 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-08-27 18:01
.
Vor Suchlauf: 8 Verzeichnis(se), 20.189.188.096 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 19.828.695.040 Bytes frei
.
- - End Of File - - 713338AB7ED163D045827398D8720586

Code:

ATTFilter

Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4) - Deutsch
Adobe Shockwave Player 11.6
Alcor Micro USB Card Reader
Alice Greenfingers
AMD USB Filter Driver
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS_Screensaver
Atheros Client Installation Program
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Avira Free Antivirus
Bing Bar
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CDBurnerXP
Chicken Invaders 2
Citavi
ControlDeck
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dream Day Wedding Married in Manhattan
FastStone Image Viewer 4.2
FreeRIP v3.6
Game Park Console
ICQ7.1
Island Wars 2
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 31
Join Air
Junk Mail filter update
Malwarebytes Anti-Malware Version 1.62.0.1300
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0.1 (x86 de)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
OpenOffice.org 3.2
PC Camera-168
PDF24 Creator 4.1.2
Piggly
Platform
QuarkXPress 6.1
RI-CAD Version 2.0.3
SDV i5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Skype™ 5.10
Smileyville
Spybot - Search & Destroy
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIA Platform Device Manager
VLC media player 1.0.3
Vodafone Mobile Connect Lite
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
WinRAR
Wireless Console 3

t'john · 28.08.2012, 15:35

Sehr gut!

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Delete.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

danach:

Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

umwelt · 29.08.2012, 19:49

1. Schritt:

Code:

ATTFilter

# AdwCleaner v1.801 - Logfile created 08/29/2012 at 06:28:05
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : *** *** - ******-PC
# Boot Mode : Normal
# Running from : C:\Users\*** ***\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\*** ***\AppData\Roaming\Mozilla\Firefox\Profiles\q47jcatb.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1025 octets] - [27/08/2012 00:07:38]
AdwCleaner[S1].txt - [919 octets] - [29/08/2012 06:28:05]

########## EOF - C:\AdwCleaner[S1].txt - [1046 octets] ##########

2. Schritt:

Ich habe bemerkt, dass mein Windows 7 das Service Pack 1 nicht drauf hat und deshalb Emisoft nicht funktioniert.
Als ich es heute aktualisieren wollte, kam der Fehlercode: 80246008

...habe mal im Netz rumgeschaut, aber so richtig passt da nichts auf mein Problem.

Hmh, ich habe jetzt noch drei Tage bis ich meine Arbeit abgebe, es ist wahrscheinlich am leichtesten, wenn ich mir dann einfach das neue Windows 7 draufziehe, oder?

Oder gibt es eine gute Alternative zu Emisoft? Klar, eigentlich müsste ich eher versuchen das Service Pack 1 drauf zu bekommen und dann Emisoft anzuwenden, aber das scheint nicht so leicht machbar zu sein.

Bei mir fehlt der "Intelligenter Hintergrundübertragungsdienst" in den Diensten. Deshalb schlägt das Update wohl fehl.

t'john · 29.08.2012, 22:29

Windows Repair Tool (AIO)

Downloade Windows repair tool
Entpacke das Zip und starte Repair_Windows.exe
Klicke auf Start repairs Tab dann: Start

folgende Punkte auswählen

Register System Files
Repair WMI
Repair Windows Firewall
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
Set Windows Services To Default Startup
Repair MSI (Installer)

Auswählen: Restart System When Finished
Dann Start Button klicken.

umwelt · 30.08.2012, 07:43

Danke für den Tipp. Daraufhin wurde nach Updates gesucht. Es wurde wieder das Service Pack 1 gefunden. An dem Fehlercode hat das Programm leider nichts geändert. Der Dienst ist immer noch verschwunden und das Update schlägt immer noch fehl.

t'john · 30.08.2012, 19:11

Das: Windows Update-Fehler 80246008

oder

Update-Pack versuchen: Update Pack fr Windows 7, Windows Vista und Windows XP - WinFuture.de

umwelt · 31.08.2012, 19:35

Ersteres hatte ich selber gelesen und bin deshalb auf das Fehlen des "Intelligenter Hintergrundübertragungsdienst" gestoßen. Dieser Dienst fehlt bei mir immernoch.

Das Windows-Ereignisprotokolldienst (Dienst) ist bei mir gestartet und passt auch mir den Einstellungen wie auf der windows hilfe seite beschrieben ist. Komisch ist bei dem dienst aber auch, dass ich ihn nicht neu starten kann oder beenden, da "Fehler 5: Zugriff verweigert"...auch ein Neustart des PCs brachte nichts.

Trotzdem habe ich mir auch mal deinen zweiten Tpp angesehen und rage mich, ob ich dann das Paket ohne Service Pack nehmen sollte, um erstmal alle anderen Updates drauf zu bekommen? Denn der Download für Windows mit Service Pack würde bei mir ja nichts bringen, da das ja fehlt.
...soll ich es also probieren, obwohl die oben beschriebenen Dineste (anscheind) nicht richtig arbeiten?

t'john · 01.09.2012, 00:07

Wenn die Updates nicht gehen, wirst du Windows Neuaufsetzen muessen.

24.08.2012, 23:21	#19
umwelt Gesperrt	8000000cb.@ vielen dank, werde das alles nach einem pc freien wochenende am montag umsetzen und logs posten!

24.08.2012, 23:22	#20
t'john /// Helfer-Team	8000000cb.@ Alles klar __________________ Mfg, t'john Das TB unterstützen

30.08.2012, 07:43	#27
umwelt Gesperrt	8000000cb.@ Danke für den Tipp. Daraufhin wurde nach Updates gesucht. Es wurde wieder das Service Pack 1 gefunden. An dem Fehlercode hat das Programm leider nichts geändert. Der Dienst ist immer noch verschwunden und das Update schlägt immer noch fehl.

30.08.2012, 19:11	#28
t'john /// Helfer-Team	8000000cb.@ Das: Windows Update-Fehler 80246008 oder Update-Pack versuchen: Update Pack fr Windows 7, Windows Vista und Windows XP - WinFuture.de __________________ Mfg, t'john Das TB unterstützen

01.09.2012, 00:07	#30
t'john /// Helfer-Team	8000000cb.@ Wenn die Updates nicht gehen, wirst du Windows Neuaufsetzen muessen. __________________ Mfg, t'john Das TB unterstützen

8000000cb.@

Log-Analyse und Auswertung: 8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@

8000000cb.@