Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
weißer bildschirm und diese website kann nicht angezeigt werden

weißer bildschirm und diese website kann nicht angezeigt werden


Plagegeister aller Art und deren Bekämpfung: weißer bildschirm und diese website kann nicht angezeigt werden

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 07.10.2012, 19:11   #1
raikk
 
weißer bildschirm und diese website kann nicht angezeigt werden - Standard

weißer bildschirm und diese website kann nicht angezeigt werden


hallo.
wie bei so vielen in diesem forum auch schon ist mein rechner seit gestern befallen. war auf einer streaming-site und seit dem ist nach dem starten des desktophintergrundbildes schluss. eine weiße seite erscheint, lädt ewigt und endet mit ...website kann nicht gestartet werden" und sperrt den rechner nahezu.
habe malwarebye durchlaufen lassen und der fand zweit bedrohungen. ich habe diese entfernen lassen. aviras de-cleaner fand nichts.
nun lauft otl gerade durch. das ergebnis der beiden bericht poste ich hier.
wäre schön wenn mir geholfen werden könnte.
vielen dank im voraus.
gruß raik

anbei nun die logfiles von otl:

otl.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 07.10.2012 19:46:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\moni & raik\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 74,20% Memory free
4,23 Gb Paging File | 3,82 Gb Available in Paging File | 90,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,09 Gb Total Space | 340,85 Gb Free Space | 74,90% Space Free | Partition Type: NTFS
Drive D: | 10,66 Gb Total Space | 1,74 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
 
Computer Name: MONIUNDRAIK | User Name: moni & raik | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\moni & raik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avformat-54.dll ()
MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Programme\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (vsmon) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avgwd) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TVCapSvc) -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) -- C:\Programme\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
SRV - (Recovery Service for Windows) -- C:\Programme\SMINST\BLService.exe ()
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_7c71e337\stacsv.exe (IDT, Inc.)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (usnjsvc) -- C:\Programme\MSN Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vsdatant7) -- System32\drivers\vsdatant.win7.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Programme\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc.                           )
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{160468A8-250A-40C1-8291-01921104DC01}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKLM\..\SearchScopes\{AB949608-D76B-43E2-965F-450A19373E61}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKLM\..\SearchScopes\{FAEFD2A5-F527-4B3F-B97D-E911B4FC00ED}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\SearchScopes,DefaultScope = {160468A8-250A-40C1-8291-01921104DC01}
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\SearchScopes\{160468A8-250A-40C1-8291-01921104DC01}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={2C10AC08-5491-427B-ABFB-10AFC6A3E21C}&mid=dc5c16406ecf47d1b8fad16d38da5123-1a3015f4b0c29827aef1ad4e900c1da07d818193&lang=en&ds=AVG&pr=fr&d=&v=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\SearchScopes\{AB949608-D76B-43E2-965F-450A19373E61}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\SearchScopes\{FAEFD2A5-F527-4B3F-B97D-E911B4FC00ED}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA@2020Technologies.com:5.0.94.0
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.12.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.08.22 17:35:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012.06.17 18:15:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.22 17:35:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 23:27:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.11 23:27:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.11 23:27:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.11 23:27:16 | 000,000,000 | ---D | M]
 
[2010.08.20 12:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\moni & raik\AppData\Roaming\mozilla\Extensions
[2012.09.24 20:46:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\moni & raik\AppData\Roaming\mozilla\Firefox\Profiles\oe9tkid6.default\extensions
[2011.01.14 21:02:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\moni & raik\AppData\Roaming\mozilla\Firefox\Profiles\oe9tkid6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.09.24 20:46:50 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\moni & raik\AppData\Roaming\mozilla\Firefox\Profiles\oe9tkid6.default\extensions\2020Player_IKEA@2020Technologies.com
[2012.09.11 23:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.11 23:27:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.11 23:27:29 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.29 18:09:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.07 00:21:10 | 000,003,739 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.11 21:02:02 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.29 18:09:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.29 18:09:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.29 18:09:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.29 18:09:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Skype Click to Call = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: AVG Do Not Track = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Mail = C:\Users\moni & raik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (CmjBrowserHelperObject Object) - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000..\Run: [AdobeUpdater6] C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000..\Run: [xvyqaefpvlwwfso] C:\ProgramData\xvyqaefp.exe ()
O4 - Startup: C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\moni & raik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-DE\local\search.html ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: An Mindjet MindManager senden - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Programme\Mindjet\MindManager 7\Mm7InternetExplorer.dll (Mindjet)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-2265993982-114685985-2131399077-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11BF06F2-3C49-40C1-8723-4BD2D6375562}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{137E8A34-E639-4B36-866F-31BE5515756F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F937C11-A61F-4DA7-9144-C042A8B485E4}: DhcpNameServer = 83.169.184.161 192.168.2.1 83.169.184.225
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6bca0000-9836-11df-baf2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6bca0000-9836-11df-baf2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\ShelExec.exe @EXEDRV@.\start.pdf
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\ShelExec.exe @EXEDRV@.\start.pdf
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.07 19:45:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\moni & raik\Desktop\OTL.exe
[2012.10.06 17:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\mqoqitxhvwfpqqr
[2012.10.06 12:52:23 | 000,000,000 | ---D | C] -- C:\Users\moni & raik\Desktop\wohnung
[2012.09.23 10:20:54 | 000,000,000 | ---D | C] -- C:\Users\moni & raik\AppData\Local\Macromedia
[2012.09.23 10:10:39 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.23 03:03:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.23 03:03:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.23 03:03:34 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.23 03:03:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.09.23 03:03:34 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.23 03:03:30 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.09.23 03:03:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.23 03:03:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.09.11 23:43:27 | 000,000,000 | R--D | C] -- C:\Users\moni & raik\Dropbox
[2012.09.11 23:39:18 | 000,000,000 | ---D | C] -- C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.09.11 23:28:50 | 000,000,000 | ---D | C] -- C:\Users\moni & raik\AppData\Roaming\Dropbox
[2012.09.11 23:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.10 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[29 C:\Users\moni & raik\Desktop\*.tmp files -> C:\Users\moni & raik\Desktop\*.tmp -> ]
[1 C:\Users\moni & raik\*.tmp files -> C:\Users\moni & raik\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.07 19:45:19 | 000,000,844 | ---- | M] () -- C:\Users\moni & raik\Desktop\OTL - Verknüpfung.lnk
[2012.10.07 19:44:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\moni & raik\Desktop\OTL.exe
[2012.10.07 19:41:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.07 19:38:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.10.07 19:37:46 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 19:37:45 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.07 19:36:58 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.06 17:26:47 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormoni & raik.job
[2012.10.06 17:22:19 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.06 17:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.06 17:18:18 | 000,076,346 | ---- | M] () -- C:\ProgramData\ncalhuvcjlcitld
[2012.10.06 17:18:05 | 000,104,960 | ---- | M] () -- C:\ProgramData\xvyqaefp.exe
[2012.10.06 12:55:29 | 000,017,408 | ---- | M] () -- C:\Users\moni & raik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.06 12:45:10 | 000,628,914 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.06 12:45:10 | 000,596,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.06 12:45:10 | 000,104,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.06 12:45:09 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.06 12:27:37 | 096,726,842 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.09.28 08:58:30 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.09.25 21:12:21 | 000,362,246 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.09.23 10:10:40 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.23 10:10:39 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.09.22 10:12:45 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.11 23:43:27 | 000,000,947 | ---- | M] () -- C:\Users\moni & raik\Desktop\Dropbox.lnk
[2012.09.11 23:39:51 | 000,000,957 | ---- | M] () -- C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.09.10 22:00:41 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[29 C:\Users\moni & raik\Desktop\*.tmp files -> C:\Users\moni & raik\Desktop\*.tmp -> ]
[1 C:\Users\moni & raik\*.tmp files -> C:\Users\moni & raik\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.07 19:45:19 | 000,000,844 | ---- | C] () -- C:\Users\moni & raik\Desktop\OTL - Verknüpfung.lnk
[2012.10.06 17:18:17 | 000,104,960 | ---- | C] () -- C:\ProgramData\xvyqaefp.exe
[2012.10.06 17:18:06 | 000,076,346 | ---- | C] () -- C:\ProgramData\ncalhuvcjlcitld
[2012.09.23 10:10:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.11 23:43:27 | 000,000,947 | ---- | C] () -- C:\Users\moni & raik\Desktop\Dropbox.lnk
[2012.09.11 23:39:51 | 000,000,957 | ---- | C] () -- C:\Users\moni & raik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.06.27 21:05:09 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2011.11.29 17:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.29 17:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.11.29 17:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.11.29 17:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.11.29 17:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.08.07 19:47:00 | 000,000,117 | ---- | C] () -- C:\Windows\civ.ini
[2011.06.20 21:53:33 | 000,017,408 | ---- | C] () -- C:\Users\moni & raik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.03 21:46:06 | 000,149,506 | ---- | C] () -- C:\Users\moni & raik\2011_01rechnung_5608347905.pdf
[2010.07.29 15:39:32 | 000,000,016 | ---- | C] () -- C:\Users\moni & raik\persistent_state
[2010.07.28 12:14:04 | 000,000,680 | ---- | C] () -- C:\Users\moni & raik\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
--- --- ---

extras.txt:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 07.10.2012 19:46:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\moni & raik\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 74,20% Memory free
4,23 Gb Paging File | 3,82 Gb Available in Paging File | 90,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,09 Gb Total Space | 340,85 Gb Free Space | 74,90% Space Free | Partition Type: NTFS
Drive D: | 10,66 Gb Total Space | 1,74 Gb Free Space | 16,34% Space Free | Partition Type: NTFS
 
Computer Name: MONIUNDRAIK | User Name: moni & raik | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-2265993982-114685985-2131399077-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36786BDE-2234-45E7-A8BF-EBB7E4DE9424}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{F486D551-F931-4E0D-856C-23EC9C20C6CC}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06ADC0CD-3591-48A6-8EF6-D632E26D471A}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | 
"{0F862812-C7F4-48A4-B56B-7943CAA179BB}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{15C1BD66-9E14-4C3D-9D1B-5AD373CC150A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
"{1D4FF6BA-5857-45D4-97FB-9A36C0972590}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
"{1E6F87C5-5AC7-41F9-B142-1D029D018C72}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{27752341-1CDA-4986-8A0A-0FBA08758B27}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{36EE2BA1-BBB1-4A69-B61A-22BE9791CCED}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
"{371CFD2C-94BB-45F1-862F-73615B27A8EB}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{39A7184E-64A4-48B2-B862-BD0B6D3745DD}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
"{3BB22FF6-2666-4A53-85D9-C65AEB64D18C}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
"{404FBE52-1EF1-4D19-BA5F-0B239D58B55B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{40E0C95D-537E-4B52-AFE9-12056C99CCAA}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{4702D36F-E593-4F52-A546-2366F4663FAE}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe | 
"{479D8556-D3B1-46EE-B02B-3B57D4BD2893}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{532793C0-5E8D-4C9E-947C-75C11079E9CD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{53EF9E9E-E4DC-4102-A272-C7B5C646EB14}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | 
"{5C559C31-1127-4EC9-9138-F87BD571ABE0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7F28E933-F243-46A8-9854-2D144BE9C34B}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | 
"{8BA3D971-F1DD-482C-975F-39D3BF01A363}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{901F144F-A831-46E1-963F-94AB8719D6C6}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{B165B8B6-DBBA-42FC-9F53-FB707EA1B132}" = dir=in | app=c:\program files\msn messenger\livecall.exe | 
"{E0E17E3D-4426-41BE-9E75-E95A3AB7D29F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{14830F1E-C1C4-4526-BB51-4FC1ABC3EFBD}" = ZoneAlarm Firewall
"{148D093E-113F-824E-4AD1-D986BA0CF904}" = Catalyst Control Center Localization Italian
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F40420C-835B-0950-050C-737A7123612A}" = CCC Help Chinese Traditional
"{1F88DF73-339D-8D26-85C3-8F592861ED65}" = Catalyst Control Center Localization Turkish
"{1FB0B1BA-FA72-8D0B-A684-AAB24EF68569}" = Catalyst Control Center Core Implementation
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{235F2B14-B178-8377-2529-90CA3D8F6BED}" = CCC Help Italian
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{27471967-23FC-08FB-232C-E4618312076E}" = CCC Help Norwegian
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{2C37847C-3E25-CC8E-ED9B-664B20B6BAFE}" = Catalyst Control Center Localization Japanese
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{338FA5E6-4215-F340-2748-6A2F2DBF440C}" = CCC Help Danish
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 M1
"{38196504-D4E7-4E22-8589-263557DCCDB7}" = HP Wireless Assistant
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CDFEE23-66D2-4DB0-8269-12634E871725}" = Mindjet MindManager Pro 7
"{3E090892-8A98-8910-785C-F078C75658E8}" = Catalyst Control Center Localization French
"{3FD0AA0F-556A-B51E-4ADD-BF1F506E953A}" = ccc-core-static
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{427F07CD-4F39-8819-3BAF-64D99768BC69}" = Catalyst Control Center Localization Spanish
"{48899974-2A8E-8E6A-A7CD-8032A9B8DF69}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{4F432ABC-08A0-03C3-D863-147D40256581}" = CCC Help Turkish
"{56003B90-5AD7-A1E1-9B6F-907BA97F3095}" = ccc-utility
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{59FCC39D-E148-6E83-F7B6-196E18E07764}" = Catalyst Control Center InstallProxy
"{5ACFB9DC-5187-0E85-2077-579953E0B595}" = CCC Help French
"{5F686CBB-09AB-38F0-4F49-6FA3CA2F194E}" = ATI Catalyst Install Manager
"{5F7A238D-91A9-D755-E9B1-CEBA6993D5AE}" = Catalyst Control Center Localization Russian
"{63D30539-D9C1-AB9B-CEEC-5697981EA8E0}" = Catalyst Control Center Graphics Light
"{64525EA6-B64E-5C0B-6556-ADC2FA98A145}" = CCC Help Spanish
"{64F8B5EE-F7B9-E02F-705B-A5A9AF898425}" = CCC Help Chinese Standard
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{6B6574E6-F534-E575-B813-BBE305F115BA}" = CCC Help Swedish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77CF3FDC-85F9-6223-909B-8FE57DD070FF}" = CCC Help Thai
"{7B1351FC-0B3F-8CFF-60DD-FBD57791B06A}" = Catalyst Control Center Localization Czech
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7C6AA635-A9EB-BE76-5BFB-49F5C0C329A6}" = Catalyst Control Center Localization Swedish
"{7D988BD6-A70F-35F8-D9CA-2D7FE04EF452}" = Catalyst Control Center Localization Norwegian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FBF6153-8392-AFAC-D443-62438F34F596}" = Catalyst Control Center Localization Polish
"{83CA14F0-5AED-93A6-8462-61356AC4BD69}" = CCC Help Korean
"{85115174-53AF-5854-A23F-7C7C9750B1AF}" = Catalyst Control Center Localization Dutch
"{867E78FF-0065-E1B6-391A-E0BEA6C71D24}" = Catalyst Control Center Localization Chinese Traditional
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{9757B760-0708-F95B-C430-0CAC42FD02A2}" = Catalyst Control Center Localization Hungarian
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A23CF2DE-7F49-5659-A8DF-C79501121935}" = Catalyst Control Center Localization Finnish
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7AC8E69-01FF-494E-9A2C-423B82CEA604}" = HP MediaSmart SmartMenu
"{A9051724-EC0D-8C2B-6F23-94F9FF111B49}" = Catalyst Control Center Localization German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AFAD6009-AD81-9990-DEF1-39260D5EAFEE}" = Catalyst Control Center Localization Korean
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4922E65-C79C-4130-9295-CDF8716DB873}" = CCC Help Finnish
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BEB50A25-8EC7-11C1-7174-BCAF87F76ACA}" = Catalyst Control Center Localization Greek
"{BF139C21-E549-77BE-AB95-BBCA9CAC7DFE}" = Catalyst Control Center Graphics Full Existing
"{BF962E1B-D17A-4713-A100-6531A132D83D}_is1" = Foto-Mosaik-Edda Standard V5.7.0
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6F7F0AE-F809-EFFB-D0C4-8FAB9682D92E}" = Catalyst Control Center Graphics Full New
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}" = ProtectSmart Hard Drive Protection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CF70FB86-378E-28D2-4CE5-2108292D8BC4}" = CCC Help Greek
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D590F022-35E6-45B5-A140-324FD614EF88}" = HP User Guides 0127
"{D6E31D68-949E-D612-E46E-9989AE8765F3}" = CCC Help English
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{E1043293-CDE3-B030-740A-9194411F0B16}" = CCC Help Russian
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{E245B6E7-79B6-E1FB-4048-DF70122E0087}" = CCC Help German
"{E2A3432F-9622-7101-1636-33258BF52760}" = CCC Help Hungarian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3CEC3C7-962E-8DCF-777B-D9FE7CB5E09E}" = CCC Help Polish
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{EA3F9C49-CAA9-4FF5-B70A-A7FC0976C5E9}" = ZoneAlarm Security
"{EAEBB027-DB8A-0711-F377-FF1AEB84C71C}" = CCC Help Portuguese
"{EBBE1D36-F72E-90CE-2E31-03C064011E28}" = Catalyst Control Center Localization Chinese Standard
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF6102C9-7864-36B1-2B51-B90C939A4AEF}" = Catalyst Control Center Localization Portuguese
"{EF7AB3F1-74F9-EE50-B1EA-62E013E13B41}" = CCC Help Japanese
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F3D5484F-D1CB-E80E-4759-DA1E3DE81D6A}" = CCC Help Czech
"{F6BCFF19-6D85-9B55-FCC0-4A56771F79CC}" = Catalyst Control Center Localization Thai
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9DFBB28-5564-621C-4D5F-E69514CBCEC7}" = Catalyst Control Center Localization Danish
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Toolbar" = AOL Toolbar 5.0
"AVG" = AVG 2012
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF-XChange 3_is1" = PDF-XChange 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"VLC media player" = VLC media player 1.1.11
"Weight Watchers FlexPoints" = Weight Watchers FlexPoints
"WildTangent hp Master Uninstall" = My HP Games
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2265993982-114685985-2131399077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"61240c64869513c2" = Napster Download Manager
"Dropbox" = Dropbox
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.07.2012 21:31:41 | Computer Name = moniundraik | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.08.2012 21:39:16 | Computer Name = moniundraik | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.08.2012 11:38:29 | Computer Name = moniundraik | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 22.08.2012 11:38:33 | Computer Name = moniundraik | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 22.08.2012 14:11:21 | Computer Name = moniundraik | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.08.2012 16:13:54 | Computer Name = moniundraik | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.09.2012 16:04:04 | Computer Name = moniundraik | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 10.09.2012 16:04:10 | Computer Name = moniundraik | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 10.09.2012 16:04:17 | Computer Name = moniundraik | Source = MsiInstaller | ID = 1013
Description = 
 
Error - 11.09.2012 13:58:27 | Computer Name = moniundraik | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 07.10.2012 13:37:24 | Computer Name = moniundraik | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.10.2012 13:37:24 | Computer Name = moniundraik | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 07.10.2012 13:41:38 | Computer Name = moniundraik | Source = DCOM | ID = 10005
Description = 
 
Error - 07.10.2012 13:41:52 | Computer Name = moniundraik | Source = DCOM | ID = 10005
Description = 
 
Error - 07.10.2012 13:41:55 | Computer Name = moniundraik | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = 
 
Error - 07.10.2012 13:41:59 | Computer Name = moniundraik | Source = DCOM | ID = 10005
Description = 
 
Error - 07.10.2012 13:42:02 | Computer Name = moniundraik | Source = DCOM | ID = 10005
Description = 
 
Error - 07.10.2012 13:42:03 | Computer Name = moniundraik | Source = DCOM | ID = 10005
Description = 
 
Error - 07.10.2012 13:42:41 | Computer Name = moniundraik | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 07.10.2012 13:42:41 | Computer Name = moniundraik | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
--- --- ---

malwarebyte fand 2x winlock.trojan. gestern exploit.drop.ur.2 und trojan.agent.
abe alle in den quarantänecontainer verschoben.

so hier nun der log von Malwarebytes von heute:

Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.10.07.04

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
moni & raik :: MONIUNDRAIK [Administrator]

07.10.2012 20:31:42
mbam-log-2012-10-07 (20-31-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 366501
Laufzeit: 56 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|xvyqaefpvlwwfso (Trojan.Winlock) -> Daten: C:\ProgramData\xvyqaefp.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\ProgramData\xvyqaefp.exe (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

 

Themen zu weißer bildschirm und diese website kann nicht angezeigt werden
angezeigt, arten, bericht, bildschirm, entferne, entfernen, ergebnis, erschein, erscheint, forum, geholfen, gestartet, gestern, install.exe, intranet, launch, lädt, msiinstaller, plug-in, poste, rechner, schön, seite, sperrt, starte, starten, usb 2.0, website, weiße, weiße seite, weißer, zweit


« Incredibar infiziert | In Google-Anzeige Firefox Download Malware? »


Ähnliche Themen: weißer bildschirm und diese website kann nicht angezeigt werden


  1. Website kann nicht angezeigt werden - dns_probe_finished_nxdomain
    Log-Analyse und Auswertung - 16.10.2015 (3)
  2. Diese Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 30.03.2015 (51)
  3. Weißer Bildschirm, "Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 05.02.2013 (26)
  4. Diese Website kann nicht angezeigt werden-Virus?
    Log-Analyse und Auswertung - 19.12.2012 (2)
  5. Weißer Bildschirm, "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 18.11.2012 (21)
  6. Weißer Bildschirm, "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 17.11.2012 (35)
  7. Trojaner Ransom-D / Weißer Bildschirm: "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (39)
  8. Weißer Bildschirm und Meldung "Seite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (9)
  9. weißer Bildschirm mit Text " Website kann nicht angezeigt werden" -> Avast meldete Trojaner Ransom-D
    Plagegeister aller Art und deren Bekämpfung - 14.10.2012 (25)
  10. Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 09.10.2012 (9)
  11. Weißer Bildschirm, "Website kann nicht angezeigt werden", Conteneur ActiveX
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (4)
  12. Bildschirm blockiert: Website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (1)
  13. weißer bildschirm, die Seite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 13.09.2012 (23)
  14. "Diese Website kann nicht angezeigt werden" -> PC nicht benutzbar
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (1)
  15. Weißer Bildschirm und Meldung " Webside kann nicht angezeigt werden"
    Log-Analyse und Auswertung - 14.08.2012 (12)
  16. fehlermeldung "diese webseite kann nicht angezeigt werden" bildschirm ist blockiert
    Log-Analyse und Auswertung - 14.08.2012 (3)
  17. Die Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 05.07.2009 (18)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema weißer bildschirm und diese website kann nicht angezeigt werden - hallo. wie bei so vielen in diesem forum auch schon ist mein rechner seit gestern befallen. war auf einer streaming-site und seit dem ist nach dem starten des desktophintergrundbildes schluss. - weißer bildschirm und diese website kann nicht angezeigt werden...
Archiv
Du betrachtest: weißer bildschirm und diese website kann nicht angezeigt werden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131