Log analysis and evaluation: Malware and critical error, damaged hard disk
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.04.2011, 11:04 | #1 |
Malware and critical error, damaged hard disk

Hi, I think I have roughly the same problem as the one already discussed here. Unfortunately, I don't know whether I can follow the same solution steps shown there. I had opened a program, and then it started right away with "Malware found" and a critical error. I have already run Malwarebytes and OTL over it; since then the files are at least "slightly" visible again.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6449
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.04.2011 02:30:09
mbam-log-2011-04-27 (02-29-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|)
Durchsuchte Objekte: 371863
Laufzeit: 4 Stunde(n), 27 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 7

Infizierte Speicherprozesse:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 2052 -> No action taken.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> No action taken.

Infizierte Dateien:
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> No action taken.
c:\programdata\41475848.exe (Trojan.FakeAlert) -> No action taken.
c:\Users\Dennis\AppData\Local\Temp\-213E8.tmp (Trojan.Agent) -> No action taken.
c:\Users\Dennis\AppData\Local\Temp\tmpD1B7.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\Dennis\Desktop\office professional plus 2010 (x86) vl - (german)\aktivieren\mini-kms_activator_v1.052.exe (Riskware.Keygen) -> No action taken.
c:\Recycle.Bin\recycle.bin.exe (Trojan.SpyEyes) -> No action taken.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> No action taken.

And the OTL logfile:
Code:
OTL logfile created on: 27.04.2011 12:34:07 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dennis\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 32,97 Gb Free Space | 22,12% Space Free | Partition Type: NTFS Drive D: | 142,21 Gb Total Space | 142,11 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Computer Name: ASUS-PC | User Name: Dennis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Dennis\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Windows\ASScrPro.exe () PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Windows\KMService.exe () PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\P4G\BatteryLife.exe (ATK) PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS) PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Windows\System32\lpksetup.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Windows\System32\ASUSTPE.exe (ASUS) PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Program Files\Wireless Console 2\wcourier.exe () PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100) PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe () PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe () PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe () PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe () PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) PRC - C:\Windows\System32\srvany.exe () ========== Modules (SafeList) ========== MOD - C:\Users\Dennis\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft 
Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe () SRV - (KMService) -- C:\Windows\System32\srvany.exe () ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) 
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Codename Longhorn DDK provider) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider) DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys () DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.) DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig" FF - prefs.js..extensions.enabledItems: {29c4afe1-db19-4298-8785-fcc94d1d6c1d}:0.6.2009110501 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2 FF - 
prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.15 21:16:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.15 21:16:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 12:31:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 12:31:19 | 000,000,000 | ---D | M] [2010.12.05 14:31:54 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Extensions [2011.04.26 18:08:08 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions [2010.12.07 22:54:22 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.12.19 18:23:57 | 000,000,000 | -H-D | M] ("Split Browser") -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d} [2011.02.21 01:45:33 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- 
C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.03.14 17:13:03 | 000,000,000 | -H-D | M] (Modify Headers) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe} [2011.04.23 13:04:08 | 000,000,000 | -H-D | M] (Firebug) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\uo6zsqnn.default\extensions\firebug@software.joehewitt.com [2011.03.04 20:33:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011.01.14 00:10:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.30 15:44:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.03.04 20:33:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.04.15 21:16:42 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.04.15 21:16:42 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.03.08 00:25:24 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.03.08 00:25:24 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.03.08 00:25:24 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.03.08 00:25:24 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.03.08 00:25:24 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [ASUS Camera 
ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe () O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [DisableS3S4] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [4E3E0230AEBB4E96] C:\Recycle.Bin\Recycle.Bin.exe (Macromedia, Inc.) 
O4 - HKCU..\Run: [D3dxml] C:\Users\Dennis\AppData\Roaming\Netlib\realfree.exe () O4 - HKCU..\Run: [iLike] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{8774cb23-1d6f-11e0-8e45-00248c82003d}\Shell - "" = AutoRun O33 - MountPoints2\{8774cb23-1d6f-11e0-8e45-00248c82003d}\Shell\AutoRun\command - "" = H:\SETUP.EXE O33 - MountPoints2\{8774cb23-1d6f-11e0-8e45-00248c82003d}\Shell\configure\command - "" = H:\SETUP.EXE O33 - 
MountPoints2\{8774cb23-1d6f-11e0-8e45-00248c82003d}\Shell\install\command - "" = H:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.27 12:23:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe [2011.04.26 21:53:26 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011.04.26 21:53:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2011.04.26 21:53:21 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.04.26 21:51:04 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes [2011.04.26 21:50:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.26 21:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.26 21:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.26 21:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.04.26 18:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies [2011.04.26 18:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner [2011.04.26 18:09:36 | 127,222,215 | ---- | C] (Igor Pavlov) -- C:\Users\Dennis\Desktop\OTLPENet.exe [2011.04.23 18:33:31 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\AppData\Roaming\Netlib [2011.04.23 10:34:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\WindowsSearch [2011.04.22 17:59:41 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\AppData\Roaming\dvdcss [2011.04.21 22:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pdf24 
[2011.04.15 21:52:19 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\AppData\Roaming\vlc [2011.04.15 21:47:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.04.15 21:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2011.04.15 21:36:13 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2011.04.15 21:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs [2011.04.15 21:35:09 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\AppData\Roaming\VistaCodecs [2011.04.15 21:35:01 | 000,000,000 | ---D | C] -- C:\Program Files\VistaCodecPack [2011.04.15 21:32:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\VistaCodecs [2011.04.15 21:31:59 | 025,507,087 | -H-- | C] (Shark007) -- C:\Users\Dennis\Desktop\VistaCodecsv592.exe [2011.04.15 21:16:18 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\AppData\Roaming\DivX [2011.04.15 21:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2011.04.15 21:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.04.15 21:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2011.04.15 21:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2011.04.15 21:12:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\DivX [2011.04.15 12:37:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.15 12:37:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.15 12:37:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 12:37:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.15 12:37:36 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.15 12:37:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\SetIEInstalledDate.exe [2011.04.15 12:37:36 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.15 12:37:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.15 12:37:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 12:37:35 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.15 12:37:35 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.15 12:37:34 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.15 12:37:34 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.15 12:37:34 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 12:37:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.15 12:37:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.15 12:37:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.15 12:37:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.15 12:37:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.15 12:37:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.15 12:37:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.15 12:37:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.15 12:37:31 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 12:37:31 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.15 12:37:31 | 000,150,528 | 
---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.04.15 12:37:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 12:37:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.15 12:37:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.15 12:37:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.15 12:37:29 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.15 12:37:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.15 12:37:28 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.15 12:37:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 12:37:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 12:37:28 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.15 12:37:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.15 12:37:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.15 12:37:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.15 12:37:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.14 23:43:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.14 23:43:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.14 23:43:20 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.14 23:43:19 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.14 23:43:03 | 
000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.14 23:43:01 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.03.30 20:33:11 | 000,000,000 | -H-D | C] -- C:\Users\Dennis\Desktop\login1und1 [2010.12.21 15:50:50 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe1D23.dll [2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [2008.06.03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [2008.05.22 01:38:59 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2011.04.27 12:39:40 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.27 12:39:40 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.27 12:39:40 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.27 12:39:40 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.27 12:32:38 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2011.04.27 12:32:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.27 12:31:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 12:31:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 12:31:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.27 12:31:02 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys [2011.04.27 12:23:03 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe [2011.04.27 12:16:04 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.26 21:50:52 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.26 18:26:00 | 
127,222,215 | ---- | M] (Igor Pavlov) -- C:\Users\Dennis\Desktop\OTLPENet.exe [2011.04.26 17:54:42 | 000,487,424 | -H-- | M] () -- C:\ProgramData\41475848.exe [2011.04.23 12:55:45 | 001,271,293 | -H-- | M] () -- C:\Users\Dennis\Documents\firebug-1.7.0.zip [2011.04.22 18:00:21 | 000,048,640 | -H-- | M] () -- C:\Users\Dennis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.21 22:55:16 | 000,001,660 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk [2011.04.20 21:26:22 | 000,001,112 | -H-- | M] () -- C:\Users\Dennis\Desktop\Free YouTube Download.lnk [2011.04.19 00:47:38 | 000,001,039 | -H-- | M] () -- C:\Users\Dennis\Desktop\DVDVideoSoft Free Studio.lnk [2011.04.19 00:47:04 | 000,001,198 | -H-- | M] () -- C:\Users\Dennis\Desktop\Free YouTube to MP3 Converter.lnk [2011.04.15 21:47:38 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.04.15 21:46:09 | 020,533,281 | -H-- | M] () -- C:\Users\Dennis\Desktop\vlc-1.1.9-win32.exe [2011.04.15 21:32:30 | 025,507,087 | -H-- | M] (Shark007) -- C:\Users\Dennis\Desktop\VistaCodecsv592.exe [2011.04.15 12:37:57 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011.04.15 12:37:57 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011.04.15 12:37:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.15 12:37:37 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.15 12:37:37 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 12:37:36 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.15 12:37:36 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.15 12:37:36 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.04.15 12:37:36 | 000,074,752 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.15 12:37:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.15 12:37:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 12:37:35 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.15 12:37:35 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.15 12:37:34 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.15 12:37:34 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.15 12:37:34 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 12:37:34 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.15 12:37:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.15 12:37:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.15 12:37:34 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.04.15 12:37:34 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.15 12:37:32 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.15 12:37:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.15 12:37:32 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.15 12:37:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.15 12:37:31 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 12:37:31 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.15 12:37:31 | 000,150,528 | ---- | M] (Microsoft Corporation) 
-- C:\Windows\System32\iexpress.exe [2011.04.15 12:37:29 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 12:37:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.15 12:37:29 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.15 12:37:29 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.15 12:37:29 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.15 12:37:29 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.15 12:37:28 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.15 12:37:28 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 12:37:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 12:37:28 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.15 12:37:27 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.15 12:37:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.15 12:37:27 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.15 12:37:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.15 12:22:55 | 000,452,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.13 18:25:15 | 000,000,019 | -H-- | M] () -- C:\Users\Dennis\Desktop\phpinfo.php [2011.04.06 01:46:03 | 000,035,892 | -H-- | M] () -- C:\Users\Dennis\Desktop\WEBDE_RG_729125559.pdf ========== Files Created - No Company Name ========== [2011.04.26 21:50:52 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.26 17:54:42 | 000,487,424 
| -H-- | C] () -- C:\ProgramData\41475848.exe [2011.04.26 01:23:27 | 3220,463,616 | -HS- | C] () -- C:\hiberfil.sys [2011.04.23 12:56:38 | 001,319,778 | -H-- | C] () -- C:\Users\Dennis\Documents\firebug-1.7.0.xpi [2011.04.23 12:55:40 | 001,271,293 | -H-- | C] () -- C:\Users\Dennis\Documents\firebug-1.7.0.zip [2011.04.21 22:55:16 | 000,001,660 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk [2011.04.20 21:26:22 | 000,001,112 | -H-- | C] () -- C:\Users\Dennis\Desktop\Free YouTube Download.lnk [2011.04.19 00:47:24 | 000,001,039 | -H-- | C] () -- C:\Users\Dennis\Desktop\DVDVideoSoft Free Studio.lnk [2011.04.19 00:47:04 | 000,001,198 | -H-- | C] () -- C:\Users\Dennis\Desktop\Free YouTube to MP3 Converter.lnk [2011.04.15 21:47:38 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.04.15 21:45:31 | 020,533,281 | -H-- | C] () -- C:\Users\Dennis\Desktop\vlc-1.1.9-win32.exe [2011.04.15 12:37:34 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.04.06 01:46:03 | 000,035,892 | -H-- | C] () -- C:\Users\Dennis\Desktop\WEBDE_RG_729125559.pdf [2011.02.10 17:51:58 | 003,075,072 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2011.01.11 16:30:10 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe [2011.01.11 16:30:10 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2010.12.29 10:24:33 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010.12.29 02:23:14 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010.12.21 17:11:40 | 000,000,680 | -H-- | C] () -- C:\Users\Dennis\AppData\Local\d3d9caps.dat [2010.12.19 17:49:55 | 000,048,640 | -H-- | C] () -- C:\Users\Dennis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.06 17:23:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.12.06 17:23:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.12.06 15:22:21 | 000,018,904 | ---- | C] () -- 
C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.10.01 00:11:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2010.10.01 00:05:35 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe [2010.10.01 00:05:25 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe [2010.09.30 23:08:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.06.23 12:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010.06.23 12:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.03.23 14:26:48 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll [2010.03.15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008.07.02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.06.10 16:13:01 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008.06.10 15:38:37 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008.06.10 11:50:17 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg [2008.05.22 01:40:59 | 001,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2008.05.22 01:38:59 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2008.05.22 01:38:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2008.03.05 14:38:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2007.08.06 19:18:31 | 000,081,920 | ---- | C] () -- 
C:\Windows\PGMonitor.exe [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2007.04.18 23:07:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,452,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.03.09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll < End of report > Code:
ATTFilter OTL Extras logfile created on: 27.04.2011 12:34:07 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dennis\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 32,97 Gb Free Space | 22,12% Space Free | Partition Type: NTFS Drive D: | 142,21 Gb Total Space | 142,11 Gb Free Space | 99,93% Space Free | Partition Type: NTFS Computer Name: ASUS-PC | User Name: Dennis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] 
"EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{E1D4EA60-2866-4920-9F9E-D6E54975B9C2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{054B4875-48F4-466B-A4F5-AFEE1EF574F8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{0E404100-280C-49EF-8165-C5C25982D448}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{157458BB-6129-426B-89FE-0ABEDEFEBF0A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{2DE4D37B-B58E-468B-A091-B459E14B39CF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{3FC5B74B-37F5-492E-B32E-83FDFEBBE56B}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{427ADE81-0F34-4577-8F9F-33FC1A263F0D}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{4380B64E-1AEC-40B9-9385-6298AC8C1ADF}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{57D761CC-9EC0-485F-B2D9-B5AF9C062192}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{6E212B51-3C87-43CB-92AE-4651E59449D3}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{72C2434B-0B96-4824-B6DA-382E8292FB3C}" = protocol=6 | dir=in | app=c:\program 
files\icq7.2\icq.exe | "{852FB5F2-3973-497A-8B61-BCC3F6CC6D0F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{88BC6338-C1AA-4D47-ACA5-764EFB84CB85}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{98DA49B8-7E63-4AAE-9CA7-C8F6BFE0A023}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{A825782E-63D5-44F6-ADEF-2D3A6DA01536}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{AE805B7E-3506-4DA6-BA97-D5171C1A1C10}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{BFE0DDAD-5A61-4B2C-BE59-E2DA71C15ACB}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | "{D3C4FDB3-A9C3-4FD6-9E6A-EE3FAA18171F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{D85AAF82-8871-4B7A-810B-E7EA9C7AC07C}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{E04F99C5-82A2-4510-ABE1-10B2B4CE97FC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{F2FC6A94-BF2C-4B1E-8045-CB0887442A21}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "TCP Query User{7BC79A3E-58C2-49E3-B9F8-A0426ED1D5CF}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe | "TCP Query User{89E0D403-777A-443C-B120-EB9BC2A79E6A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{8A05DD93-6AA8-4563-B0F6-F89F1FFA182E}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{E38BA290-D403-457B-8E86-6141732DCF75}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP 
Query User{F114DA3E-740A-4300-95E1-2FD2D1E85B72}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{10798AD5-F4C0-4919-A543-DF102A7E9175}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{52459BE7-8BBB-4750-9616-EE0448ED087D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{65037420-D1C5-4886-886B-5AD943A7E4FE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{99612308-8D15-4DD5-93E5-69FE80AB45BA}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{BE583798-0F57-4848-947E-5C4041D8A1A5}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{061034DA-ED68-4BDD-ACB9-4D0C6F90878F}" = MAGIX Music Maker 17 Trial (Soundpaket) "{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{096EB4FC-E110-8426-4295-CE869349527C}" = Catalyst Control Center Localization Turkish "{0C7D5C27-49E4-3273-5B83-EE608FFD7FA8}" = Catalyst Control Center Localization Swedish "{0D37C7F0-2C9B-692C-4657-3A1BDD9F67C8}" = CCC Help French "{11D9CBD3-17FF-1456-47DA-0817FD09816B}" = CCC Help Spanish "{18C8C1F6-A36A-A42E-1FB2-D9B3ECF538AD}" = CCC Help Finnish 
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program "{28F332E8-7A90-512B-E222-67013949139E}" = ccc-utility "{29A1D086-A174-485A-1577-ED3E98CEB391}" = Catalyst Control Center Localization Polish "{29DCE677-70BB-A83C-F7B3-D2E5C31748B9}" = CCC Help Russian "{2A1598E3-4CB4-545A-A824-F7921E31167E}" = Catalyst Control Center Localization Greek "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00 "{300DFCBA-348B-4FD6-AE50-1D3CDFEE6314}" = MAGIX Speed burnR (MSI) "{32EC3CBE-4A4A-2BB7-2BB6-F5A49902A6EE}" = Skins "{336DA7E1-35FC-67C7-2A6A-1E048D661B35}" = Catalyst Control Center Localization Dutch "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3BDAD4E1-5A70-E9BF-CA71-05C9DA49040B}" = CCC Help Hungarian "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E5CBADD-2E51-47C1-BBE2-B802DB6DA56A}" = Meta Trader - Forex Place 4.00 "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{4583D057-A120-6B48-7BCE-FDFC86556C4C}" = Catalyst Control Center Localization Czech "{484E9C72-90B3-0E72-69FB-02826E25EDF3}" = ATI Catalyst Install Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C5D72D0-CDFE-3952-C813-FA2F52FB2C87}" = CCC Help Greek "{4F5D7C1B-6CB0-F45C-F83E-A1FC98FA2C0B}" = CCC Help Italian "{54E77B08-4375-4584-7363-ECE88A784013}" = Catalyst Control Center Localization German "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = 
VC80CRTRedist - 8.0.50727.4053 "{61A55572-0E51-F389-583C-55EBAA4ED575}" = CCC Help Japanese "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{66433C66-28B6-7E2B-9B77-66D10E5E055F}" = CCC Help Polish "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AB9A96D-C554-E68F-FD7A-8991C99AA497}" = Catalyst Control Center Graphics Previews Vista "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect "{6CF61AF4-F808-9114-E34A-72831AC7660E}" = CCC Help English "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EABC0D-94EB-E569-877E-7BC634A67F0D}" = Catalyst Control Center Localization Russian "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{81042C93-7A00-71BC-51E9-768A6F849DA2}" = CCC Help Czech "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.9 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{86520F07-CEA2-5681-39CA-DF844C659E16}" = CCC Help Swedish "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D4BD33B-0429-A9D3-B4B8-68D956F8EE95}" = Catalyst Control Center Localization Chinese Traditional "{8E50189D-A1B3-3929-5D2F-EC405F7C8A3D}" = CCC Help 
Chinese Standard "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme "{9D38CCB7-DE05-A447-8651-8231BC2656BC}" = Catalyst Control Center Graphics Full New "{9D77BA02-5C15-BA02-B338-FA9351D4140D}" = CCC Help Turkish "{9E18CB28-70FE-F6F6-9ED9-A661FF87C1AB}" = ccc-core-static "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A5D74142-6C1B-5CE3-0D76-A41504FBDC47}" = CCC Help Danish "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA7D6DB6-9D3F-4CB9-31C0-B4794E0D75D5}" 
= Catalyst Control Center Localization Danish "{AB75B59E-07C8-084F-5C7F-E3567ABB4248}" = Catalyst Control Center Localization Japanese "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{AE6370D7-4926-E5C2-705C-9B98B4600C09}" = CCC Help German "{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}" = Cisco Systems VPN Client 5.0.07.0290 "{B1DA213E-4EE2-19F4-277E-81C0E0487076}" = CCC Help Chinese Traditional "{B85A4462-E53C-932E-42EF-2506755EC9A1}" = Catalyst Control Center Localization Thai "{BE426BC1-F401-1E0A-1334-FED883491077}" = Catalyst Control Center InstallProxy "{BEDB89F5-DF1A-D1E3-A99F-8E64C3BFB934}" = CCC Help Korean "{BFD373DA-A54D-C040-AD6C-3A1A7FFDA880}" = Catalyst Control Center Localization Italian "{C3E314F1-A53F-D3D7-D7C2-7D0345D6C5D6}" = Catalyst Control Center Graphics Previews Common "{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth "{CBCF8E27-A027-CBBD-0F01-58DB1D0E8CF1}" = Catalyst Control Center Localization Chinese Standard "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE560B9B-2991-FE0A-3A78-E053CF94B3DC}" = Catalyst Control Center Localization Norwegian "{CF5E038B-B6FF-A325-A448-1A02AF57340A}" = CCC Help Portuguese "{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media "{D1F23CD0-D2B0-FEA3-E015-2F50BC64B1F4}" = Catalyst Control Center Graphics Full Existing "{D3224046-1642-9CA4-0908-86EA5F76EBDC}" = Catalyst Control Center Localization Portuguese "{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service "{D700ADD4-F389-3EE6-9B9E-2EEFF23B68A2}" = Catalyst Control Center Localization French "{D7DACC88-5011-78D1-5AB8-8967AC37C190}" = Catalyst Control Center Localization Hungarian "{DA96BC7A-8208-73CB-CDFB-6B07CC6033D5}" = Catalyst Control Center Localization Finnish "{DB1384E7-B98E-7482-4FF5-401A8F852D84}" = CCC Help Thai "{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 
Card Reader "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare "{E1B05228-9CC4-2702-E106-76D70B4BDDFA}" = Catalyst Control Center Core Implementation "{E1EC5742-3B54-3E4A-3EEA-DA779ED38FE1}" = CCC Help Norwegian "{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}" = Catalyst Control Center - Branding "{E635F30D-FA08-C46B-0BB8-903A1EA04342}" = Catalyst Control Center Graphics Light "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EC977620-330D-EC0B-A937-EEFF183AE912}" = CCC Help Dutch "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F596720A-C838-3830-703A-5B3906E277AB}" = Catalyst Control Center Localization Korean "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F99A4B91-B160-B60D-876E-0CF895E15E06}" = Catalyst Control Center Localization Spanish "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package "2AC3FDB3CA84A15457E2913782F56F2FC0C159EC" = Windows Driver Package - Sonix (SNP2UVC) Image (05/26/2008 6.5801.22.005) "35571DCFE9EE772A7DCB44034C6A30469830BCED" = Windows Driver Package - Atheros Communications Inc. (athr) Net (05/07/2008 7.4.2.75) "5901E1480978AB6092FD46CF66FC02A3FE28CB3D" = Windows Driver Package - Sonix (SNP2UVC) Image (10/19/2007 061.005.028.250) "7AF6BDFA99FCCBAD47ABE15B547714FFE9566D75" = Windows Driver Package - Agere (AgereSoftModem) Modem (03/21/2008 2.1.88) "A5C366DD295E32F045AECC5DF5E57CB9E16BFEBC" = Windows Driver Package - Atheros Communications Inc. 
Net (05/07/2008 7.4.2.75) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AliceHilfe 1.0.0.1" = AliceHilfe "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "B2D77219EA92969EC5E916FA160EEF7268C17D17" = Windows Driver Package - Chicony,(EM2760) (DCamUSBET) Image (02/05/2008 061.005.033.070) "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup.divx.com" = DivX-Setup "ElsterFormular für Unternehmer 12.1.1.6214u" = ElsterFormular für Unternehmer "FileZilla Client" = FileZilla Client 3.4.0 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Video Dub_is1" = Free Video Dub version 1.8.10 "Free YouTube Download_is1" = Free YouTube Download version 2.10.33.324 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324 "MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16) "Notepad++" = Notepad++ "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Uninstall_is1" = Uninstall 1.0.0.1 "Update Service" = Sony Ericsson Update Service "USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam "VLC media player" = VLC media player 1.1.9 "WinRAR archiver" = WinRAR "XMedia Recode" = XMedia Recode 2.3.0.4 
========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.04.2011 20:53:34 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung GUARDGUI.EXE, Version 10.0.1.7, Zeitstempel 0x4b751f06, fehlerhaftes Modul dll.dll, Version 0.0.0.0, Zeitstempel 0x4d776bbf, Ausnahmecode 0xc0000005, Fehleroffset 0x000026ee, Prozess-ID 0x22b0, Anwendungsstartzeit 01cc0150dcc008da. Error - 22.04.2011 20:53:34 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung wmplayer.exe, Version 11.0.6002.18311, Zeitstempel 0x4c8e2d72, fehlerhaftes Modul dll.dll, Version 0.0.0.0, Zeitstempel 0x4d776bbf, Ausnahmecode 0xc0000005, Fehleroffset 0x000026ee, Prozess-ID 0x2288, Anwendungsstartzeit 01cc0150dc2d3eba. Error - 22.04.2011 20:54:52 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung SearchProtocolHost.exe, Version 7.0.6002.18005, Zeitstempel 0x49e0244d, fehlerhaftes Modul dll.dll, Version 0.0.0.0, Zeitstempel 0x4d776bbf, Ausnahmecode 0xc0000005, Fehleroffset 0x000026ee, Prozess-ID 0x2434, Anwendungsstartzeit 01cc0150e3fc257a. Error - 22.04.2011 20:56:02 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung mobsync.exe, Version 6.0.6001.18000, Zeitstempel 0x47918e41, fehlerhaftes Modul dll.dll, Version 0.0.0.0, Zeitstempel 0x4d776bbf, Ausnahmecode 0xc0000005, Fehleroffset 0x000026ee, Prozess-ID 0x2248, Anwendungsstartzeit 01cc0150dbfb805a. 
Error - 22.04.2011 21:05:34 | Computer Name = ASUS-PC | Source = VSS | ID = 12289 Description = Error - 22.04.2011 21:06:54 | Computer Name = ASUS-PC | Source = VSS | ID = 12289 Description = Error - 22.04.2011 21:06:56 | Computer Name = ASUS-PC | Source = VSS | ID = 12289 Description = Error - 22.04.2011 21:17:26 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18294, Zeitstempel 0x4c6a9898, fehlerhaftes Modul dll.dll, Version 0.0.0.0, Zeitstempel 0x4d776bbf, Ausnahmecode 0xc0000005, Fehleroffset 0x000026ee, Prozess-ID 0x23f8, Anwendungsstartzeit 01cc0150e1e5536a. Error - 22.04.2011 21:20:28 | Computer Name = ASUS-PC | Source = WinMgmt | ID = 10 Description = Error - 22.04.2011 21:23:27 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung dAmLSTWYyWMb.exe, Version 1.8.0.0, Zeitstempel 0x21475346, fehlerhaftes Modul USER32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e0380e, Ausnahmecode 0xc0000409, Fehleroffset 0x00065276, Prozess-ID 0x6b8, Anwendungsstartzeit 01cc01548511549e. 
[ System Events ] Error - 29.12.2010 04:24:19 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 30.12.2010 08:04:05 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 30.12.2010 08:32:14 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 30.12.2010 08:55:09 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 30.12.2010 12:01:38 | Computer Name = ASUS-PC | Source = DCOM | ID = 10010 Description = Error - 30.12.2010 12:01:38 | Computer Name = ASUS-PC | Source = DCOM | ID = 10010 Description = Error - 31.12.2010 08:06:59 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 01.01.2011 09:55:12 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 02.01.2011 07:11:37 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 03.01.2011 05:21:01 | Computer Name = ASUS-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report >

So now: AntiVir reports TR/Kazy.mekml.1, OTLogfile

Re: AntiVir reports TR/Kazy.mekml.1, OTLogfile

• Please start OTL.exe.
• Now copy the following into the text box.

:OTL
:Files
C:\ProgramData\vKECjCxHfiQS.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may require a restart if necessary. Please allow this.
• After the restart you will find a text document; copy its contents into your next reply here.

Download unhide: hxxp://download.bleepingcomputer.com/grinler/unhide.exe
Double-click it; the files become visible.
Open Computer, open C:, then _OTL. There, right-click on moved files and choose to add it to moved files.rar or zip.
Instructions: UploadChannel - Trojaner-Board
27.04.2011, 12:37 | #2 |
/// Malware-holic | Malware and critical error, damaged hard disk
Do you do online banking, shopping or anything else important with the PC?
• Please start OTL.exe
• Now copy the following into the text box.
:OTL
O4 - HKCU..\Run: [4E3E0230AEBB4E96] C:\Recycle.Bin\Recycle.Bin.exe (Macromedia, Inc.)
O4 - HKCU..\Run: [D3dxml] C:\Users\Dennis\AppData\Roaming\Netlib\realfree.exe ()
:Files
C:\Users\Dennis\AppData\Roaming\Netlib\
C:\Recycle.Bin
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; copy its contents into your next reply here.
Download unhide: http://www.trojaner-board.de/54791-a...ner-board.html
__________________ |
27.04.2011, 13:25 | #3 |
| Malware and critical error, damaged hard disk
Hi Markus,
yes, online banking does come up fairly often.
Code:
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\4E3E0230AEBB4E96 deleted successfully.
C:\Recycle.Bin\Recycle.Bin.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\D3dxml deleted successfully.
C:\Users\Dennis\AppData\Roaming\Netlib\realfree.exe moved successfully.
========== FILES ==========
C:\Users\Dennis\AppData\Roaming\Netlib folder moved successfully.
C:\Recycle.Bin folder moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: ASUS
->Flash cache emptied: 531 bytes

User: Default

User: Default User

User: Dennis
->Flash cache emptied: 110097 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYTEMP]

User: All Users

User: ASUS
->Temp folder emptied: 133058 bytes
->Temporary Internet Files folder emptied: 155920 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45797901 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33214 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dennis
->Temp folder emptied: 357550004 bytes
->Temporary Internet Files folder emptied: 414292176 bytes
->Java cache emptied: 1406545 bytes
->FireFox cache emptied: 99702241 bytes
->Flash cache emptied: 456 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58127476 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 741 bytes
RecycleBin emptied: 779147412 bytes

Total Files Cleaned = 1.675,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 04272011_144701

Files\Folders moved on Reboot...
File\Folder C:\Users\Dennis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4DFEQXD\ac[1].htm not found!

Registry entries deleted on Reboot...

Many thanks in advance,
Dennis
Edited by bromet (27.04.2011 at 13:42). Reason: files were uploaded |
27.04.2011, 16:32 | #4 |
/// Malware-holic | Malware and critical error, damaged hard disk
Hi, call the bank immediately and have online banking blocked. You have a SpyEye trojan; we cannot guarantee that we will get the system clean, so back up your data and reinstall. If you like, I will explain how to secure the system.
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
27.04.2011, 19:42 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malware and critical error, damaged hard disk
format c: also because of this. Quote:
__________________ Please always post log files in CODE tags |
27.04.2011, 19:43 | #6 |
/// Malware-holic | Malware and critical error, damaged hard disk
Thanks for pointing that out.
27.04.2011, 19:58 | #7 |
| Malware and critical error, damaged hard disk
Hi, OK, thank you very much, I'll do that first thing tomorrow. What happens next? I have no idea what I should do as the next step. And what about Office 2010?!
Edit: Ah, does that mean putting what I need on an external hard disk and then wiping the PC once?! So it would be great if you could explain to me how to secure the system.
Regards, Dennis
Edited by bromet (27.04.2011 at 20:13) |
27.04.2011, 20:08 | #8 |
/// Malware-holic | Malware and critical error, damaged hard disk
First of all, back up your data.
27.04.2011, 22:35 | #9 |
| Malware and critical error, damaged hard disk
Isn't there a chance that I'll end up with the trojans on the external disk as well if I back up my data onto it now!? |
28.04.2011, 10:21 | #10 |
/// Malware-holic | Malware and critical error, damaged hard disk
No, but we will check the disk anyway after securing the PC, to be on the safe side.
28.04.2011, 13:15 | #11 |
| Malware and critical error, damaged hard disk
Hi Markus, my data is backed up on the external disk. So we can get started. |
28.04.2011, 15:04 | #12 |
/// Malware-holic | Malware and critical error, damaged hard disk
Are you using a recovery CD, a partition or a Windows CD? Do you know how the formatting works, or do you need instructions?
28.04.2011, 15:23 | #13 |
| Malware and critical error, damaged hard disk
Well, I downloaded Windows 7 from my university's site and now have it on the external disk. But that's only the operating system; I had briefly thought it would work with that. There's no way around inserting a CD. So I'll use the Windows CD and assume that I then boot the laptop from the CD, right?!
Edit: Do you absolutely need one of the CDs, or can it be done without one or some other way!? My "utensils" are 50 km away from me ^^
Edited by bromet (28.04.2011 at 15:35) |
28.04.2011, 16:36 | #14 |
/// Malware-holic | Malware and critical error, damaged hard disk
Is that an ISO file from the university? You can download ISO Burner and then burn the thing from the uni to CD; start ISO Burner and double-click the downloaded file.
28.04.2011, 16:41 | #15 |
| Malware and critical error, damaged hard disk
No. It's called "Download_for_Windows_7_Professional_with_Service_Pack_1_x86_de.exe" |