TrojanDownloader:win32/Renos.MG wie entfernen?

Larusso · 05.08.2010, 20:18

Alles mit der Ruhe -.-

Schritt 1

Java aktualisieren

Deine Javaversion ist veraltet. Da einige Schädlinge (z. B. Vundo) über Java-Exploits in das System eindringen, muss Java aktualisiert werden und alte Versionen müssen vom System entfernt werden, da die alten Versionen ein Sicherheitsrisiko darstellen. Lade JavaRa von prm753 herunter und entpacke es auf den Desktop. JavaRA ist geeignet für Windows 9x, 2k, XP und Vista (mit deaktivierter Benuterkontensteuerung).

Schließe alle Browserfenster.
Doppelklicke die JavaRa.exe, um das Programm zu starten.
Die Sprache auswählen, nimm Englisch und klicke "Select".
Klicke auf Additional Task, mache Haken bei Remove Useless JRE Files und [b]Remove Sun Download Manager[b].
Klicke auf Go und jeweils auf Ok und schließe das Fenster "Additional Tasks" wieder.
Klicke auf Remove Older Versions, um alte Java-Versionen, die auf dem Rechner installiert sind, zu entfernen.
Klicke auf Yes wenn es verlangt wird. Wenn JavaRa fertig, erscheint eine Notiz, dass ein Logfile erstellt wurde, klicke OK.
Das Logfile wird im Editor geöffnet, bitte speichern und später hier posten.
Kontrolliere in Systemsteuerung => Programme, ob noch Java-Versionen vorhanden sind und deinstalliere diese.
Rechner neu starten.

Downloade nun Java (Java Runtime Environment (JRE) 6 Update XX) von Oracle und installiere es. Vor dem Download musst Du die Lizenzbedingungen akzeptieren, indem Du "Accept License Agreement" aktivierst. Erweiterte Optionen anhaken, Sponsoren-Programm (Toolbar oder ähnliches) ggfs. abwählen.

Schritt 2

Starte bitte Adobe Reader.
Im Reiter Help klicke bitte auch Check for Updates

Schritt 3

Downloade Dir bitte das Service Pack 2 und installiere dieses

Schritt 4

Starte bitte OTL.exe.
Wähle unter
Extra Registrierung: Benutze Safe List und klicke auf den Scan Button.

Bitte poste in Deiner nächsten Antwort
OTL.txt
Extras.txt
Berichte wie der Rechner läuft

Zickchen · 05.08.2010, 21:01

java ist aktualisiert, service pack 2 krieg ich nicht insatlliert - es liegt ein Systemfehler vor.
Er sagt mir, dass ich ein Vorbereitungstool installieren soll. Das soll ich über updates suchen.
Findet er aber nicht.
Muss jetzt ins Bett, mache morgen früh direkt weiter.
danke schon einmal...

gute nacht..

Larusso · 05.08.2010, 21:50

Downloaddetails: Update für Windows Vista (KB955430)

Zickchen · 06.08.2010, 10:32

Zitat:

Zitat von Larusso

Downloaddetails: Update für Windows Vista (KB955430)

Hab ich runtergeladen und installiert.
Dann versucht das Vorbereitungstool zu bekommen.
Findet er nicht. Dann versucht trotzdem das SP2 zu installieren und gibt mir wieder nur an das es ein Systemfehler ist.

Hab versucht ein vorhandenes Update zu installieren, hat er auch abgebrochen und nur nen Code ausgespuckt.

Zickchen · 06.08.2010, 10:45

code80200053 ist der fehlercode den er mir bei einem updateversuch anzeigt.

Zickchen · 06.08.2010, 11:29

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 06.08.2010 12:22:46 - Run 3
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Derya\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 236,09 Gb Total Space | 96,94 Gb Free Space | 41,06% Space Free | Partition Type: NTFS
Drive D: | 49,00 Gb Total Space | 48,91 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DERYA-PC
Current User Name: Derya
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.08.05 15:53:16 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Derya\Desktop\MFTools\OTL.exe
PRC - [2010.07.25 10:12:50 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.07.25 10:12:50 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.10.13 12:26:28 | 000,466,689 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
PRC - [2009.07.24 05:20:56 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.28 08:06:56 | 000,548,864 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.05.15 08:47:58 | 000,692,224 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.21 09:53:06 | 007,420,448 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.12.10 09:07:52 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.08.26 10:59:54 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2008.08.19 06:18:10 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.08.05 15:53:16 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Derya\Desktop\MFTools\OTL.exe
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010.05.30 14:55:21 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.05.30 14:54:48 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.05.30 14:54:48 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009.12.11 01:40:54 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.22 19:38:22 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.06.22 19:26:04 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.04 16:35:00 | 000,163,328 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.04.22 11:27:12 | 001,129,472 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.04.21 09:37:38 | 002,361,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.11 10:11:50 | 000,329,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.08.28 04:52:52 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.08.05 05:02:22 | 002,381,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.07.12 12:58:54 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006.11.14 02:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.06 11:21:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.06 11:21:22 | 000,000,000 | ---D | M]
 
[2009.12.12 21:57:10 | 000,000,000 | ---D | M] -- C:\Users\Derya\AppData\Roaming\mozilla\Extensions
[2010.08.06 11:20:17 | 000,000,000 | ---D | M] -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions
[2010.07.15 14:12:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.12.12 21:59:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010.08.06 07:33:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.01.17 18:47:20 | 000,000,000 | ---D | M] -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions\firefox@tvunetworks.com
[2010.07.15 14:12:38 | 000,000,000 | ---D | M] -- C:\Users\Derya\AppData\Roaming\mozilla\Firefox\Profiles\4v7lny76.default\extensions\foxyproxy@eric.h.jung
[2010.08.05 21:55:57 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.08.05 21:46:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.05 21:45:59 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.03.16 20:28:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.16 20:28:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.16 20:28:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.16 20:28:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.16 20:28:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Derya\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valueactive.eu/flashax/iefax.cab (Flash Casino Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Derya\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Derya\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{18d1de37-78a5-11df-8ec8-002454206ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{18d1de37-78a5-11df-8ec8-002454206ce7}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{3303191f-9e2a-11df-ad6d-002454206ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{3303191f-9e2a-11df-ad6d-002454206ce7}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{3fc20fb4-6b48-11df-b4d3-002454206ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{3fc20fb4-6b48-11df-b4d3-002454206ce7}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{8a39a0ba-6bcd-11df-b892-002454206ce7}\Shell\AutoRun\command - "" = H:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{8a39a0ba-6bcd-11df-b892-002454206ce7}\Shell\menu1\command - "" = H:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{924efc25-6b47-11df-89fa-002454206ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{924efc25-6b47-11df-89fa-002454206ce7}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{a2f42cee-9dc9-11de-b09a-002454206ce7}\Shell\AutoRun\command - "" = F:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{a2f42cee-9dc9-11de-b09a-002454206ce7}\Shell\menu1\command - "" = F:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{c4faba8d-845b-11df-a0e6-002454206ce7}\Shell\AutoRun\command - "" = G:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{c4faba8d-845b-11df-a0e6-002454206ce7}\Shell\menu1\command - "" = G:\pccompanion\Startme.exe -- File not found
O33 - MountPoints2\{ea815c4c-59ec-11df-bc07-002454206ce7}\Shell - "" = AutoRun
O33 - MountPoints2\{ea815c4c-59ec-11df-bc07-002454206ce7}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.06 11:45:58 | 000,000,000 | ---D | C] -- C:\f7ec9de5434cc48ae049ae30ddb0448c
[2010.08.06 11:36:07 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
[2010.08.06 07:33:26 | 000,000,000 | ---D | C] -- C:\Users\Derya\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.05 21:58:04 | 000,000,000 | ---D | C] -- C:\Users\Derya\AppData\Local\WindowsUpdate
[2010.08.05 21:50:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.08.05 21:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.05 21:46:11 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.05 21:46:10 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.05 21:46:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.05 21:46:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.05 21:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.08.05 21:32:20 | 000,157,696 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Users\Derya\Desktop\JavaRa.exe
[2010.08.05 18:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.08.05 17:35:48 | 001,196,368 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Derya\Desktop\TDSSKiller.exe
[2010.08.05 17:31:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.08.05 16:39:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.05 16:02:09 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.08.05 16:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.08.05 15:53:54 | 000,000,000 | ---D | C] -- C:\Users\Derya\AppData\Roaming\Malwarebytes
[2010.08.05 15:53:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.05 15:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.05 15:53:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.05 15:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.05 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\Derya\Desktop\MFTools
[2010.08.03 21:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2010.08.03 21:23:13 | 000,000,000 | -HSD | C] -- C:\Users\Derya\AppData\Roaming\.#
[2010.07.21 22:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\DEUTSCHLAND SPIELT
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.06 12:24:54 | 001,835,008 | -HS- | M] () -- C:\Users\Derya\NTUSER.DAT
[2010.08.06 12:24:43 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A00B85EE-6817-47C8-A478-A6C3C398D410}.job
[2010.08.06 12:05:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.06 11:40:26 | 000,000,240 | ---- | M] () -- C:\Windows\win.ini
[2010.08.06 11:37:05 | 001,475,800 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.06 11:37:05 | 000,685,712 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.06 11:37:05 | 000,642,704 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.06 11:37:05 | 000,149,980 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.06 11:37:05 | 000,121,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.06 11:06:33 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 11:06:33 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 11:06:31 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.06 11:06:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.06 11:06:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.06 11:06:22 | 3150,565,376 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.06 07:51:56 | 000,524,288 | -HS- | M] () -- C:\Users\Derya\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.08.06 07:51:56 | 000,065,536 | -HS- | M] () -- C:\Users\Derya\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.06 07:51:54 | 006,291,456 | -H-- | M] () -- C:\Users\Derya\AppData\Local\IconCache.db
[2010.08.06 07:33:24 | 000,001,032 | ---- | M] () -- C:\Users\Derya\Desktop\DVDVideoSoft Free Studio.lnk
[2010.08.06 07:19:25 | 000,000,423 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010.08.05 21:45:58 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.05 21:45:58 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.05 21:45:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.05 21:45:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.05 21:43:22 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.05 21:31:23 | 000,071,798 | ---- | M] () -- C:\Users\Derya\Desktop\JavaRa.zip
[2010.08.05 18:32:16 | 000,869,051 | ---- | M] () -- C:\Users\Derya\Desktop\SecurityCheck.exe
[2010.08.05 18:00:43 | 002,672,312 | ---- | M] () -- C:\Users\Derya\Desktop\esetsmartinstaller_enu.exe
[2010.08.05 17:35:27 | 001,130,629 | ---- | M] () -- C:\Users\Derya\Desktop\tdsskiller.zip
[2010.08.05 16:39:24 | 253,544,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.08.05 16:01:51 | 000,000,733 | ---- | M] () -- C:\Users\Derya\Desktop\NTREGOPT.lnk
[2010.08.05 16:01:51 | 000,000,714 | ---- | M] () -- C:\Users\Derya\Desktop\ERUNT.lnk
[2010.08.05 15:53:49 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.05 15:53:15 | 000,284,915 | ---- | M] () -- C:\Users\Derya\Desktop\Gmer.zip
[2010.08.04 21:07:54 | 000,097,280 | ---- | M] () -- C:\Users\Derya\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.04 20:46:05 | 000,386,621 | ---- | M] () -- C:\Users\Derya\Documents\baby04.08.wma
[2010.08.04 15:07:42 | 001,196,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Derya\Desktop\TDSSKiller.exe
[2010.08.04 13:23:57 | 000,019,456 | ---- | M] () -- C:\Users\Derya\Documents\ausgabenbeni.xls
 
========== Files Created - No Company Name ==========
 
[2010.08.06 07:33:20 | 000,001,032 | ---- | C] () -- C:\Users\Derya\Desktop\DVDVideoSoft Free Studio.lnk
[2010.08.05 21:43:22 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.05 21:32:20 | 000,245,103 | ---- | C] () -- C:\Users\Derya\Desktop\JavaRa.def
[2010.08.05 21:31:22 | 000,071,798 | ---- | C] () -- C:\Users\Derya\Desktop\JavaRa.zip
[2010.08.05 18:32:15 | 000,869,051 | ---- | C] () -- C:\Users\Derya\Desktop\SecurityCheck.exe
[2010.08.05 18:00:41 | 002,672,312 | ---- | C] () -- C:\Users\Derya\Desktop\esetsmartinstaller_enu.exe
[2010.08.05 17:35:23 | 001,130,629 | ---- | C] () -- C:\Users\Derya\Desktop\tdsskiller.zip
[2010.08.05 16:38:57 | 253,544,670 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.08.05 16:13:10 | 000,293,376 | ---- | C] () -- C:\Users\Derya\Desktop\gmer.exe
[2010.08.05 16:01:51 | 000,000,733 | ---- | C] () -- C:\Users\Derya\Desktop\NTREGOPT.lnk
[2010.08.05 16:01:51 | 000,000,714 | ---- | C] () -- C:\Users\Derya\Desktop\ERUNT.lnk
[2010.08.05 15:53:49 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.05 15:51:07 | 000,284,915 | ---- | C] () -- C:\Users\Derya\Desktop\Gmer.zip
[2010.08.04 20:46:05 | 000,386,621 | ---- | C] () -- C:\Users\Derya\Documents\baby04.08.wma
[2010.05.18 10:56:02 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.12.28 11:50:55 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.12.28 11:50:55 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.12.09 15:10:44 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.24 05:19:37 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009.07.24 05:19:37 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009.07.24 05:17:29 | 000,004,280 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009.07.24 05:17:08 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.07.24 03:35:48 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.07.24 03:35:40 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1540.dll
[2008.08.05 08:07:20 | 000,065,216 | ---- | C] () -- C:\Windows\System32\PDFreDirectMonNT.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 15:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
< End of report >

--- --- ---
OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 06.08.2010 12:22:46 - Run 3
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Derya\Desktop\MFTools
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 236,09 Gb Total Space | 96,94 Gb Free Space | 41,06% Space Free | Partition Type: NTFS
Drive D: | 49,00 Gb Total Space | 48,91 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DERYA-PC
Current User Name: Derya
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{208A00FA-10A6-4584-BDF6-B84153B8D04B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{20D028DC-E2FF-4AA2-BAE6-D57BEA8198C4}" = lport=445 | protocol=6 | dir=in | app=system | 
"{56BBB4AF-1C79-49AD-BA89-69A78E1BA809}" = rport=137 | protocol=17 | dir=out | app=system | 
"{60F82C58-B1F5-430D-B939-695ADBE7913D}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7825D50A-BC25-4214-9FF6-5F5DA05758BC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{78A0BE29-B16C-4D3C-8DFD-617697596852}" = rport=139 | protocol=6 | dir=out | app=system | 
"{83C4E23B-E6B4-48FF-B3AB-F3B8C078A9DA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B5A334D3-744D-4556-9DE4-ED2280B3527D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C5D50928-0BDF-4E0D-A9C9-78DC6296097D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{EDA4BBDD-1E33-4B4C-83ED-256B45259F11}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22B4D4BC-F397-40C7-9174-D0EA5C3C502D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{5A721190-AF02-4F9C-BFE0-4BA4C969A297}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{654745A0-0069-4F55-9E7C-21427E827FC2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{65A32000-6AA6-4098-9C96-E0BECF98BB91}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{6F60A275-9EC3-41A8-A3A8-A93E2274200D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8827AF14-989F-414A-BB3B-DE1FFC28085F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9B4FAF45-F301-4EB6-9DE1-F6295DBA383C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{DC9462F6-B41E-4DF5-9D89-53412414E8EF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{F5F3BCCF-A29F-4EEA-A1D6-136E32AEAF4F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F619090B-946A-453A-989F-D821D70C4C00}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{0E0E9C79-F7E4-45B3-B00A-486F255AE8B3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{F01651CB-E27F-416C-8D2A-566A61575173}E:\bin\ia\core\mdm_util.exe" = protocol=6 | dir=in | app=e:\bin\ia\core\mdm_util.exe | 
"UDP Query User{02EB20C5-49AD-4E76-A31A-71960A6F70F5}E:\bin\ia\core\mdm_util.exe" = protocol=17 | dir=in | app=e:\bin\ia\core\mdm_util.exe | 
"UDP Query User{85D44772-5EB8-4B35-AD27-6BF7932806B8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{3832FA99-2EDD-41E0-94AD-FBF9FABAFEF9}" = Atheros WLAN Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{68CAE442-579C-4D84-AA5F-253852522ED5}" = PCTroubleshooting
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"Die Wiege Olympias 2" = Die Wiege Olympias 2
"DSGPlayer" = RTL GAME CENTER
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"PDF reDirect" = PDF reDirect (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"VLC media player" = VLC media player 1.0.3
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.08.2010 10:40:39 | Computer Name = Derya-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.08.2010 11:32:58 | Computer Name = Derya-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.08.2010 11:32:58 | Computer Name = Derya-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.08.2010 11:34:04 | Computer Name = Derya-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.08.2010 11:34:15 | Computer Name = Derya-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 05.08.2010 11:34:15 | Computer Name = Derya-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 05.08.2010 15:53:48 | Computer Name = Derya-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SynTPEnh.exe, Version 11.1.3.2, Zeitstempel 
0x48b6efcc, fehlerhaftes Modul SynTPEnh.exe, Version 11.1.3.2, Zeitstempel 0x48b6efcc,
 Ausnahmecode 0xc0000409, Fehleroffset 0x0002c1ec,  Prozess-ID 0xe34, Anwendungsstartzeit
 01cb34b37ac8d3f5.
 
Error - 06.08.2010 01:05:24 | Computer Name = Derya-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 06.08.2010 01:05:24 | Computer Name = Derya-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 06.08.2010 01:06:07 | Computer Name = Derya-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:34:07 | Computer Name = Derya-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description = 
 
Error - 06.08.2010 05:47:27 | Computer Name = Derya-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 7
Description = 
 
Error - 06.08.2010 05:47:27 | Computer Name = Derya-PC | Source = Microsoft-Windows-Service Pack Installer | ID = 8
Description = 
 
 
< End of report >

--- --- ---

Larusso · 06.08.2010, 11:30

hy, versuch einmal das hier zu installieren. Vista ist da etwas, naja nennen wir es mal "eigen"

[ur]http://winfuture.de/downloadvorschalt,2258.html[/url]

Zickchen · 06.08.2010, 11:53

klappt auch nicht.

Larusso · 06.08.2010, 11:59

Hy, gehe bitte auf folgende Seite und führe die Schritte 1-3 aus. Versuche danach das Update erneut zu installieren.
Stelle dabei alle HinterGrundwächter ab. Du benötigst Administratorrechte

Genuine Microsoft Software

Zickchen · 06.08.2010, 12:03

Zitat:

Zitat von Larusso

Hy, gehe bitte auf folgende Seite und führe die Schritte 1-3 aus. Versuche danach das Update erneut zu installieren.
Stelle dabei alle HinterGrundwächter ab. Du benötigst Administratorrechte

Genuine Microsoft Software

Ähm, mein Englisch ist jetzt nicht so gut das ich das ohne Weiteres hinbekomme.
Kannst Du mir das bitte übersetzen?
Danke

Zickchen · 07.08.2010, 11:26

...oder hast Du noch eine andere Lösung?

Larusso · 07.08.2010, 11:59

Türlich kann ich das übersetzen

1.

Klicke links auf den Validate Windows Button.

2.
Installiere das Firefox PlugIn. (sollte nur kommen wenn du mit dem FF dort bist)

3.
Nur eine Erklärung.

Wenn du auf den Vaildate Windows button klickst, installiere das Plug In und klicke danach auf refresh.
Windows Genuine Advantage Plug-in loaded correctly << wenn dies erscheint, klicke auf Continue

Danach auf Validate Now.
Starte danach die heruntergeladene legitcheck.hta. Ignoriere gegebenfalls eine Meldung und klicke JA.

Folge danach den Anweisungen auf dem Bildschirm.
Kopiere mir danach den Inhalt des PopUps hier mal rein.

Zickchen · 07.08.2010, 12:59

validate windows button, welcher soll das sein?

Larusso · 07.08.2010, 13:11

Links sollte der sein. So ein blaues recheckiges Ding wo weiß validate Windows drinn steht nennt man Button

Zickchen · 07.08.2010, 13:15

boar sorry, ich versteh nur Bahnhof.
Ist der auf dem Bildschirm oder der auf der Tastatur?

Ich seh hier sowas nicht...

Übrigens sind ( wieso auch immer) meine Desktop Symbole riesig groß seit gerade....wie kommt das?

05.08.2010, 21:50	#18
Larusso /// Selecta Jahrusso	TrojanDownloader:win32/Renos.MG wie entfernen? Downloaddetails: Update für Windows Vista (KB955430) __________________ __________________

07.08.2010, 13:11	#29
Larusso /// Selecta Jahrusso	TrojanDownloader:win32/Renos.MG wie entfernen? Links sollte der sein. So ein blaues recheckiges Ding wo weiß validate Windows drinn steht nennt man Button __________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie

TrojanDownloader:win32/Renos.MG wie entfernen?

Plagegeister aller Art und deren Bekämpfung: TrojanDownloader:win32/Renos.MG wie entfernen?