Pests of all kinds and how to fight them: Remove System Tool! Windows 7

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#1
Remove System Tool!

Hey!!! And good evening! I'm looking for help eliminating my <<System Tool>> nuisance! So, here are the steps I've taken so far...
- removed lalalala.exe files from C:\ProgramData\lalala
- deleted stuff from the registry with the help of CCleaner
- installed Malwarebytes + scan
- installed OTL + scan
- another Malwarebytes scan

I hope someone can help me, many thanks in advance!!
Nathicana

Code:
Malwarebytes' Anti-Malware
www.malwarebytes.org

Datenbank Version: 6100

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

18.03.2011 23:37:21
mbam-log-2011-03-18 (23-37-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|I:\|J:\|)
Durchsuchte Objekte: 341514
Laufzeit: 59 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSSMSGS (Backdoor.Bot) -> Value: MSSMSGS -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\$Recycle.Bin\s-1-5-21-148669553-722609915-925224302-1000\$RA1LYQA.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\Adobe\adobe-master-cs3-keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
c:\Users\Ricarda\AppData\Local\Mozilla\Firefox\Profiles\vsuqi4k4.default\Cache\500e6f0ed01 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Code:
ATTFilter OTL logfile created on: 19.03.2011 01:02:07 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Ricarda\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 278,32 Gb Total Space | 140,05 Gb Free Space | 50,32% Space Free | Partition Type: NTFS Drive D: | 19,76 Gb Total Space | 6,58 Gb Free Space | 33,31% Space Free | Partition Type: FAT32 Drive J: | 1,95 Gb Total Space | 0,61 Gb Free Space | 31,08% Space Free | Partition Type: FAT Computer Name: RICARDA-PC | User Name: Ricarda | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Ricarda\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Ricarda\AppData\Local\Google\Update\\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\3DataManager\WTGService.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Programme\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec\VITAKEY\PdtWzd.exe (Egis Technology Inc.) PRC - C:\Programme\EgisTec\VITAKEY\CompPtcVUI.exe (Egis Technology Inc.) 
PRC - C:\Programme\EgisTec\VITAKEY\BASVC.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlNotifyIcon.exe (EgisTec Inc.) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Ricarda\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\GdiPlus.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) 
SRV - (WTGService) -- C:\Programme\3DataManager\WTGService.exe () SRV - (IGBASVC) -- C:\Programme\EgisTec\VITAKEY\BASVC.exe () SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated) ========== Driver Services (SafeList) ========== DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (FPWinIo) -- C:\Windows\system32\DRIVERS\FPWinIo.sys () DRV - (FPSensor) LTT-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\System32\drivers\FPSensor.sys (LTT) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.) DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.) DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {7EE8902C-75BE-4286-A6CE-0C483607A322}:0.7.3 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:0.8.19 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}: FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\3-addons\addon [2010.06.28 21:03:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.07 21:43:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.07 21:43:41 | 000,000,000 | ---D | M] [2010.06.20 21:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Extensions [2011.03.17 18:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions [2010.08.14 07:12:50 | 000,000,000 | ---D | M] (ShowIP) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} 
[2010.08.14 07:12:50 | 000,000,000 | ---D | M] (Hide Tabbar) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions\{7EE8902C-75BE-4286-A6CE-0C483607A322} [2010.08.14 07:12:50 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42} [2010.08.14 01:13:36 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010.08.14 07:12:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ricarda\AppData\Roaming\mozilla\Firefox\Profiles\vsuqi4k4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.09.05 17:04:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.09.05 17:04:28 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.09.05 01:48:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.09.05 17:04:28 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2010.09.05 01:48:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.09.05 01:47:50 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [1999.12.31 16:00:00 | 000,166,680 | ---- | M] (Tracker Software Products Ltd.) 
-- C:\Programme\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll [2010.10.11 01:12:41 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.11 01:12:41 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.11 01:12:41 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.11 01:12:41 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.11 01:12:41 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.08.25 21:11:40 | 000,000,797 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: localhost O1 - Hosts: ::1 localhost O1 - Hosts: activate.adobe.com O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Programme\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Programme\EgisTec\VITAKEY\PdtWzd.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gehirnjogging Vol.5 Inkl. BT OLR] C:\Programme\BVRP Software\Gehirnjogging Vol.5 Inkl. BT\BVRPOlr.exe (Avanquest Software) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... 
- C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.) O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common 
Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Ricarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Ricarda\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.06.20 16:08:42 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.08.21 11:50:32 | 000,000,672 | RH-- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{2976a7b2-7c7a-11df-a53b-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{2976a7b2-7c7a-11df-a53b-0015affb7c2d}\Shell\AutoRun\command - "" = I:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{55a0948e-a6f1-11df-b768-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{55a0948e-a6f1-11df-b768-0015affb7c2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{59d1805a-7ca2-11df-a410-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{59d1805a-7ca2-11df-a410-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{c5e0c253-a7cc-11df-826d-0015affb7c2d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL CoUmuU.Exe O33 - MountPoints2\{ca2cd179-7ca3-11df-ae4f-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{ca2cd179-7ca3-11df-ae4f-0015affb7c2d}\Shell\AutoRun\command - "" = H:\Setup.exe O33 
- MountPoints2\{ca2cd266-7ca3-11df-ae4f-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{ca2cd266-7ca3-11df-ae4f-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{e30cd40a-82e8-11df-bb2e-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{e30cd40a-82e8-11df-bb2e-0015affb7c2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{e30cd412-82e8-11df-bb2e-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{e30cd412-82e8-11df-bb2e-0015affb7c2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{e48064e9-a874-11df-b33d-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{e48064e9-a874-11df-b33d-0015affb7c2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{f1d48790-8211-11df-b375-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{f1d48790-8211-11df-b375-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{f1d48796-8211-11df-b375-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{f1d48796-8211-11df-b375-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{f1d48798-8211-11df-b375-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{f1d48798-8211-11df-b375-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{f1d487d0-8211-11df-b375-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{f1d487d0-8211-11df-b375-0015affb7c2d}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\{f2978a10-bc54-11df-9511-0015affb7c2d}\Shell - "" = AutoRun O33 - MountPoints2\{f2978a10-bc54-11df-9511-0015affb7c2d}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - 
HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.19 00:42:33 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Ricarda\Desktop\OTL.exe [2011.03.19 00:28:37 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Ricarda\Desktop\OTH.scr [2011.03.18 22:31:45 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\AppData\Roaming\Malwarebytes [2011.03.18 22:31:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.03.18 22:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.18 22:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.03.18 22:31:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.03.18 22:31:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.03.18 22:28:38 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ricarda\Desktop\mbam-setup.exe [2011.03.09 03:18:25 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\DOPPELdruck [2011.03.08 18:14:58 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\Pr. Baskül [2011.03.08 10:21:56 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\Portfolio DRUCK [2011.02.25 00:05:12 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\DRUCK [2011.02.19 18:08:21 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\1.-4. Fachschule [2011.02.18 23:14:15 | 000,000,000 | ---D | C] -- C:\Users\Ricarda\Desktop\Photos [2009.05.14 20:02:10 | 003,392,872 | ---- | C] (Acresso Software Inc.) 
-- C:\Programme\Common Files\adlmint_libFNP.dll [2009.05.14 20:02:10 | 003,298,152 | ---- | C] (Autodesk) -- C:\Programme\Common Files\adlmint.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.03.19 00:43:25 | 000,618,430 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.03.19 00:43:25 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.03.19 00:43:25 | 000,122,842 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.03.19 00:43:25 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.03.19 00:35:06 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Ricarda\Desktop\OTL.exe [2011.03.19 00:33:11 | 000,028,029 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011.03.19 00:32:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.03.19 00:32:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.19 00:32:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.19 00:32:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.19 00:32:17 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys [2011.03.19 00:31:19 | 000,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.03.19 00:26:48 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Ricarda\Desktop\OTH.scr [2011.03.19 00:19:05 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.03.19 00:15:02 | 000,000,130 | ---- | M] () -- C:\Users\Ricarda\Desktop\hosts-perm.bat [2011.03.18 22:32:07 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-148669553-722609915-925224302-1000UA.job [2011.03.18 22:31:33 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.18 22:26:24 | 007,734,208 | ---- | M] 
(Malwarebytes Corporation ) -- C:\Users\Ricarda\Desktop\mbam-setup.exe [2011.03.18 20:25:48 | 256,310,421 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.03.17 23:33:05 | 000,002,056 | ---- | M] () -- C:\Users\Ricarda\Desktop\Google Chrome.lnk [2011.03.09 05:32:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-148669553-722609915-925224302-1000Core.job [2011.03.08 18:14:37 | 000,020,992 | ---- | M] () -- C:\Users\Ricarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.03.06 14:04:49 | 001,711,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.02.26 15:06:06 | 002,793,285 | ---- | M] () -- C:\Users\Ricarda\Desktop\rischnaby.jpg [2011.02.26 14:55:23 | 000,000,680 | ---- | M] () -- C:\Users\Ricarda\AppData\Local\d3d9caps.dat [2011.02.24 03:22:41 | 002,620,812 | ---- | M] () -- C:\Users\Ricarda\Desktop\Documents\port.xps [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.03.19 00:16:04 | 000,000,130 | ---- | C] () -- C:\Users\Ricarda\Desktop\hosts-perm.bat [2011.03.18 22:31:33 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.03.18 20:27:05 | 3215,839,232 | -HS- | C] () -- C:\hiberfil.sys [2011.03.17 23:17:21 | 256,310,421 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.02.26 15:06:03 | 002,793,285 | ---- | C] () -- C:\Users\Ricarda\Desktop\rischnaby.jpg [2011.02.24 03:20:43 | 002,620,812 | ---- | C] () -- C:\Users\Ricarda\Desktop\Documents\port.xps [2010.09.05 17:08:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.08.25 00:12:30 | 000,034,308 | ---- | C] () -- C:\Windows\System32\Chip.dll [2010.08.24 23:58:26 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.08.15 18:59:20 | 000,010,752 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2010.06.27 21:39:32 | 000,020,992 | ---- | C] () -- C:\Users\Ricarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.20 21:05:28 | 
002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2010.06.20 16:06:08 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2010.06.04 16:53:46 | 000,066,856 | ---- | C] () -- C:\Windows\System32\drivers\FPWinIo.sys [2010.06.04 16:51:06 | 000,028,029 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.06.04 16:50:17 | 000,028,029 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.06.04 16:42:03 | 000,000,276 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat [2010.06.04 15:53:50 | 000,000,680 | ---- | C] () -- C:\Users\Ricarda\AppData\Local\d3d9caps.dat [2010.06.04 15:45:35 | 000,001,660 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.09.15 07:06:56 | 000,119,296 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll [2008.09.10 15:53:47 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008.08.25 21:11:40 | 000,000,675 | RHS- | C] () -- C:\Windows\System32\oeminfo.ini [2008.01.21 08:15:58 | 000,618,430 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 08:15:58 | 000,122,842 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.01.21 03:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2007.04.16 02:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 001,711,120 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 
| ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011.03.18 22:31:26 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\3DataManager [2010.12.26 06:27:13 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\Canneverbe Limited [2010.06.20 20:49:00 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\DAEMON Tools [2010.06.20 20:49:56 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\DAEMON Tools Lite [2010.06.20 20:49:00 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\DAEMON Tools Pro [2010.06.20 20:35:26 | 000,000,000 | ---D | M] -- C:\Users\Ricarda\AppData\Roaming\Program Files [2011.03.19 00:31:19 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.01.11 12:39:42 | 000,110,080 | ---- | C] ()(C:\Users\Ricarda\Desktop\????? ?????? ???????.doc) -- C:\Users\Ricarda\Desktop\салат зимней страсти.doc [2011.01.11 12:36:16 | 000,110,080 | ---- | M] ()(C:\Users\Ricarda\Desktop\????? ?????? ???????.doc) -- C:\Users\Ricarda\Desktop\салат зимней страсти.doc [2010.12.15 00:20:08 | 000,024,064 | ---- | M] ()(C:\Users\Ricarda\Desktop\Documents\??????? 
???????.doc) -- C:\Users\Ricarda\Desktop\Documents\РИКАРДА ГРАТЦЕР.doc [2010.12.15 00:20:07 | 000,024,064 | ---- | C] ()(C:\Users\Ricarda\Desktop\Documents\??????? ???????.doc) -- C:\Users\Ricarda\Desktop\Documents\РИКАРДА ГРАТЦЕР.doc < End of report > Code:
ATTFilter OTL Extras logfile created on: 19.03.2011 01:02:08 - Run 1 OTL by OldTimer - Version Folder = C:\Users\Ricarda\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 278,32 Gb Total Space | 140,05 Gb Free Space | 50,32% Space Free | Partition Type: NTFS Drive D: | 19,76 Gb Total Space | 6,58 Gb Free Space | 33,31% Space Free | Partition Type: FAT32 Drive J: | 1,95 Gb Total Space | 0,61 Gb Free Space | 31,08% Space Free | Partition Type: FAT Computer Name: RICARDA-PC | User Name: Ricarda | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l .js [@ = jsfile] -- Reg Error: Key error. 
File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l jsfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 
"AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{7D113D11-BF30-457E-9BC8-E2BB9EBDB7AC}" = lport=53392 | protocol=17 | dir=in | name=emule udp | "{F705078C-EB67-4F33-AD66-BE5C2FD7E470}" = lport=22452 | protocol=6 | dir=in | name=emule | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{E9DD8BD1-11CB-4807-980A-C0526625F5EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{30ED17A5-0EE9-4EBC-B5B6-A73B03C68A7C}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{A42EA6AF-ACF1-4BC7-A98E-1E965DB2F848}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{2C54E5C7-BCB1-4DEE-8B8D-47C15D0C5E5E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{C4541DDB-6FBD-48A1-930E-70A98269D20F}C:\program 
files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{18CF4CF7-32FB-4300-9BED-A1FCF7F1619C}" = Rhinoceros 4.0 Trainingsmaterial - Stufe 2 "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets "{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2F4493E4-7237-4B2F-B693-B13BA827DBA7}" = Rhinoceros 4.0 Trainingsmaterial - Stufe 1 "{310AFA6B-094D-45DA-8389-4712074B6A22}" = Maya 2010 "{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs "{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3 "{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3 "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3 "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3 "{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0 "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker 3 "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture 
Color Files "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6D66FDFC-F2EC-45F8-A405-08FBC81614AE}" = RuTast "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3 "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = DIE SIEDLER - Das Erbe der Könige "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{9428A68A-9B43-473D-9771-FDA1D15B4C0D}" = VITAKEY "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3 
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX "{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3 "{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3 "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3 "{D95374F0-C70E-4F23-B6F9-3FE6511EBCE3}" = AMCap "{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler "{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3 "3DataManager" = 3DataManager "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection 
hinzufügen oder entfernen "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DVD Shrink_is1" = DVD Shrink 3.2 "eMule" = eMule "Gehirnjogging 5 - Inklusive Bewerbungstraining" = Gehirnjogging 5 - Inklusive Bewerbungstraining "InstallShield_{9428A68A-9B43-473D-9771-FDA1D15B4C0D}" = VITAKEY "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15) "NVIDIA Drivers" = NVIDIA Drivers "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.0.0 "WinRAR archiver" = WinRAR "Woody Woodpecker" = Woody Woodpecker "XMedia Recode" = XMedia Recode ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Soundpark 3D" = Soundpark 3D ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class 
vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) Error - 26.02.2011 13:09:57 | Computer Name = Ricarda-PC | Source = Adobe Version Cue CS3 | ID = 3 Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed Trace: (null) [ System Events ] Error - 23.02.2011 20:41:15 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 23.02.2011 22:12:46 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 23.02.2011 22:19:47 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. 
Error - 24.02.2011 06:57:06 | Computer Name = Ricarda-PC | Source = HTTP | ID = 15016 Description = Error - 24.02.2011 06:58:29 | Computer Name = Ricarda-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.02.2011 07:01:48 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 24.02.2011 07:18:26 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 24.02.2011 07:29:27 | Computer Name = Ricarda-PC | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 24.02.2011 08:47:31 | Computer Name = Ricarda-PC | Source = HTTP | ID = 15016 Description = Error - 24.02.2011 08:48:53 | Computer Name = Ricarda-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > Code:
Malwarebytes' Anti-Malware
www.malwarebytes.org

Datenbank Version: 6100

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

19.03.2011 01:38:59
mbam-log-2011-03-19 (01-38-59).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 157832
Laufzeit: 2 Minute(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
#2 | Helper Team

Hello and a warm welcome!

Code:
c:\program files\Adobe\adobe-master-cs3-keygen.exe

- Cracks & serials, keygens ... you should keep your hands off these, because countless pop-ups and viruses infest such sites. You then have to worry about an infected computer! You should not deliberately summon the devil!

Because this `self-destructive behaviour` is illegal and against the law, we also generally do not assist with unauthorized installations.

In short: you simply have to reinstall your system!

But at least after a reinstallation you will have a clean system again; hopefully you have learned something from this and in future will keep your hands off...

Regards, Cf