|
Plagegeister aller Art und deren Bekämpfung: rundl32.exe Probleme!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
19.05.2011, 13:49 | #1 |
| rundl32.exe Probleme! Hallo liebe Trojaner- Board Community. Ich habe schon seit einiger Zeit ein Problem mit rundl32.exe. Wenn ich mein Pc starte und den Taskmanager öffne habe ich unter "Prozesse" 2 mal "rundl32.exe" stehen. Das hatte mich einbisschen stutzig gemacht da die richtige Datei ja "rundll32.exe" heißt. Einen Tag darauf habe ich einen Freund gefragt was er dazu denkt, und er meinte gleich es seie ein Virus. Daraufhin haben wir die besagte Datei (rundl32.exe) gesucht und versucht zu löschen, aber immer wenn ich sie löschen wollte hat sich rundl32.exe immer wieder neu erstellt. Ich muss dazu sagen dass ich überhauptkeine Ahnung auf diesem Gebiet habe. Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:28:41, on 19.05.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Spiele\Steam\Steam.exe C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Users\°°\AppData\Roaming\system32\rundl32.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\PTBSync\PTBSync.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Users\°°\AppData\Roaming\system32\rundl32.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe D:\bla\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360910z506pe455v145w46k1t73o R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360910z506pe455v145w46k1t73o R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3203&r=17360910z506pe455v145w46k1t73o R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll (file missing) O2 - BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll O3 - Toolbar: COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing) O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PTBSync] C:\Program Files (x86)\PTBSync\PTBSync.exe /Start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HKLM] C:\Users\°°\AppData\Roaming\system32\rundl32.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Steam] "D:\Spiele\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [HKCU] C:\Users\°°\AppData\Roaming\system32\rundl32.exe O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000 O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Users\°°\AppData\Roaming\system32\rundl32.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Users\°°\AppData\Roaming\system32\rundl32.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mediafour M4LIC service (M4LIC) - Mediafour Corporation - C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: PCAutoShutdown_Service - GoldSolution Software, Inc. - C:\Program Files (x86)\PC Auto Shutdown\ShutdownService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Atomuhr Synchronisation (PTBSync) - ElmüSoft - C:\Program Files (x86)\PTBSync\PTBSync.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe -- End of file - 13971 bytes Wenn ich Links nicht posten darf bitte löschen oder mir sagen was Ich dazu ergänzen muss dass er stehn bleiben darf. mfg. Geändert von WeeD.StarR<3 (19.05.2011 um 14:13 Uhr) |
19.05.2011, 14:36 | #2 |
/// Malware-holic | rundl32.exe Probleme! hi,
__________________Systemscan mit OTL download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten.
__________________ |
19.05.2011, 15:02 | #3 |
| rundl32.exe Probleme!Extras.Txt Code:
ATTFilter OTL Extras logfile created on: 19.05.2011 15:43:23 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = D:\bla 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 65,00% Memory free 11,00 Gb Paging File | 9,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 290,95 Gb Total Space | 105,49 Gb Free Space | 36,26% Space Free | Partition Type: NTFS Drive D: | 291,00 Gb Total Space | 29,66 Gb Free Space | 10,19% Space Free | Partition Type: NTFS Drive N: | 1397,27 Gb Total Space | 1026,78 Gb Free Space | 73,48% Space Free | Partition Type: NTFS Computer Name: JPS | User Name: °° | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4197386500-3420756583-2761024722-1001\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG) Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [RapidShareManagerMail] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG) Directory [RapidShareManagerUpload] -- C:\Program Files (x86)\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{03136F9A-A046-B531-412F-C205BD64316C}" = ATI Catalyst Install Manager "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{111ABAC1-37EA-7E8C-C9E6-AB80915EEDD3}" = ATI AVIVO64 Codecs "{22421266-50FE-48AF-A536-20AE32563B22}" = Oracle VM VirtualBox 3.2.12 "{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU "{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU "{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{954AB6B3-B4B4-43C0-9355-DE8A888446D4}" = MacDrive 8 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A5EC1C89-DA8E-DD40-5157-530A1C2E500B}" = ccc-utility64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "81AE60DDD229A248055515E311406D86F7E4012A" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6) "CyberGhost VPN_is1" = CyberGhost VPN "LSI Soft Modem" = LSI PCI-SV92PP Soft Modem "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU "NVIDIA Drivers" = NVIDIA Drivers "SpeedCommander 13 (x64)" = SpeedCommander 13 (x64) "Unlocker" = Unlocker 1.9.1-x64 "WinGimp-2.0_is1" = GIMP 2.6.8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{039137CA-30DC-1540-1E8C-33869CAEA7B2}" = CCC Help English "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver "{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow "{098497EF-0004-FADA-7BD6-ABE17F1910FF}" = CCC Help Italian "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{165B6E55-1E3B-0929-66FF-77CCE0AD793C}" = Catalyst Control Center Graphics Light "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1D1D2C61-5DF5-20BD-1CAE-995C7F09856A}" = CCC Help Greek "{1E2D8EE2-6FE2-15C8-B091-0B80D8AB58A4}" = CCC Help Chinese Traditional "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F9BE94D-A52E-C005-878F-A9AC4E7BD3FE}" = Catalyst Control Center Core Implementation "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{2C193B20-9FAC-9AFB-EF0D-B9D57D59C427}" = CCC Help Turkish "{2C494A86-50CB-0C64-FB04-3993C4429DE5}" = CCC Help Norwegian "{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance "{324BB225-2A79-E08A-2421-7A4F38BBF541}" = CCC Help Hungarian "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{359B81BB-C2FD-691B-65AB-EAC26A685BE4}" = Catalyst Control Center Graphics Full New "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3DC26E05-22CD-38E4-63FE-A752EF4E918C}" = CCC Help Korean "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A "{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "{49B6F667-76EB-4E9D-ACD2-84B7437901C0}" = LG PC Suite II "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4D65780C-E307-1379-BAC8-B30E51363ECD}" = Catalyst Control Center Graphics Full Existing "{4E38B509-B471-A963-FB30-34E3D7F91421}" = Catalyst Control Center Localization All "{506E0320-F8A1-0983-09D9-33DFBBC425B4}" = CCC Help Chinese Standard "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R) "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{59A1E95E-D712-BF6B-5656-C690E1575B8D}" = Catalyst Control Center InstallProxy "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction "{7024FFDC-0D2D-B3AE-6B52-AF1F5503D9FF}" = CCC Help Portuguese "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R) "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{79A2DA7D-5EA4-B8A6-52D6-75A8F94CA6C5}" = CCC Help Thai "{79A743FA-FF99-42DF-8C35-BA40EAEA6668}" = Comic Sound Pack "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7DEAB00D-BE9B-8BE7-2941-76A6422B6F00}" = CCC Help Japanese "{7EDF7572-CC22-C22C-DF2B-BB28C14FBE4A}" = CCC Help Polish "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{82F5839A-6F7C-4528-9145-3C071383C734}" = PSPModKit v2.0 By Legend "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{834656D1-A7FC-46E4-9774-5359E18BD665}" = S4 League_EU "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{86E0CAC0-6DF8-416D-A195-31FEAD651191}" = MorphVOX Pro "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{888F8AC3-9E79-572B-4DF6-B30C3B82C4AB}" = CCC Help Czech "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box "{9B8EAE18-A459-2045-FA53-72ED67AD9138}" = CCC Help French "{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}" = Der Pate® II "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A85BD682-BB11-EFDD-9ED1-93758072FA2D}" = CCC Help Danish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B547CB8D-549A-436E-97B5-E79F911B11E2}" = SDP Downloader "{B63FAB20-EA87-4C20-AA28-32DC973D5751}" = Pandora's GUI "{B77D544F-6D58-B8E4-62F4-8704A59CD186}" = CCC Help Russian "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}" = Tom Clancy's Splinter Cell Chaos Theory "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C58B395E-7C8F-F714-4A34-64520ED4E9DF}" = ccc-core-static "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{ccb6b889-f9d9-45fd-8a78-2a4f2e599441}" = Nero 9 Essentials "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D2734CE1-D0DD-9FEE-C5E6-038D442308F8}" = Catalyst Control Center Graphics Previews Vista "{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz "{D9144AC7-8565-B644-FB32-F38121545524}" = CCC Help German "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU "{E07C281D-F796-DB19-AFD7-3D186DE2D45F}" = CCC Help Finnish "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EAE8F6AB-68E8-4AA9-9518-F677090690B2}" = TubeBox! "{EB6C866D-1695-5781-7023-F1F806522213}" = CCC Help Spanish "{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial "{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer "{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FB354938-180A-5AE5-9BAC-6E3D1557CF08}" = CCC Help Dutch "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG) "{FE383B51-D6DA-CCAB-5B01-2F2042F1FAE4}" = CCC Help Swedish "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "ARGO" = ARGO Online "AudioConverter Studio_is1" = AudioConverter Studio 6.1 "AutoItv3" = AutoIt v3.3.6.1 "AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "Azureus" = Azureus "Cain & Abel v4.9.39" = Cain & Abel v4.9.39 "Collab" = Collab "Counter-Strike: Source v17" = Counter-Strike: Source v17 "Crysis WARHEAD(R)" = Crysis WARHEAD(R) "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "DivX Setup.divx.com" = DivX-Setup "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 7.0.1 Home Edition "eDgMt2 Client v1" = eDgMt2 Client v1 "FileZilla Client" = FileZilla Client 3.3.5.1 "FL Studio 8" = FL Studio 8 "Fraps" = Fraps "Garena" = Garena 2010 "GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "Granny Viewer_is1" = Granny Viewer 2.8.44.0 "Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Hotkey Utility" = Hotkey Utility "HyperCam 3" = HyperCam 3 "Identity Card" = Identity Card "IL Download Manager" = IL Download Manager "Infineon USB driver_is1" = Infineon USB driver 1.0.0.6 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager "InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM) "InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager "IrfanView" = IrfanView (remove only) "ISO Creator1.0" = ISO Creator "Just Cause 2_is1" = Just Cause 2 "Keylogger Detector" = Keylogger Detector "KompoZer_is1" = KompoZer 0.77 "Marvell Miniport Driver" = Marvell Miniport Driver "Metin2_is1" = Metin2 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "NeroMultiInstaller!UninstallKey" = Nero Suite "NoIPDUC" = No-IP DUC "Notepad++" = Notepad++ "Nvu_is1" = Nvu 1.0 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "PC Auto Shutdown_is1" = PC Auto Shutdown 4.5 "PFPortChecker" = PFPortChecker 1.0.39 "phase5" = phase5 "Picasa 3" = Picasa 3 "PoiZone" = PoiZone "Postal 2_is1" = Portal 2 "PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.0 "PTBSync" = PTBSync (Atomuhr Synchronisation & Terminkalender) "PunkBusterSvc" = PunkBuster Services "QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0 "RapidShare Manager" = RapidShare Manager "SpeedFan" = SpeedFan (remove only) "SprayR" = SprayR 1.0 RC7b "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Steam App 12900" = Audiosurf "Steam App 205" = Source Dedicated Server "Steam App 211" = Source SDK "Steam App 218" = Source SDK Base 2007 "Steam App 240" = Counter-Strike: Source "Steam App 310" = Source Multiplayer Dedicated Server "Steam App 80" = Counter-Strike: Condition Zero "Steamless Homefront" = Steamless Homefront "Streamripper" = Streamripper (Remove only) "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "Toxic Biohazard" = Toxic Biohazard "Two Worlds II" = Two Worlds II "UltraISO_is1" = UltraISO Premium V9.36 "VLC media player" = VLC media player 1.1.5 "Warcraft III" = Warcraft III "Winamp" = Winamp "WinImage" = WinImage "WinLiveSuite_Wave3" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar "WinPcapInst" = WinPcap 4.1.2 "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft "xampp" = XAMPP 1.7.0 "ZMatrix_is1" = ZMatrix 1.5.2 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4197386500-3420756583-2761024722-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG) "MAESTIA" = MAESTIA "Metin2_paliers_XP" = Metin2_paliers_XP "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
19.05.2011, 15:07 | #4 |
| rundl32.exe Probleme! Die OTL.Txt ist zu lang. (Hat über 100.000 Zeichen) Was mache ich jetz? Anhängen kann ich sie auch nicht, dafür ist die .Txt Datei zu groß. |
19.05.2011, 15:14 | #5 |
/// Malware-holic | rundl32.exe Probleme! wie wäre es mit packen :-)
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
19.05.2011, 15:27 | #6 |
| rundl32.exe Probleme! Daran habe ich jetz garnicht gedacht :'D |
19.05.2011, 16:22 | #7 |
/// Malware-holic | rundl32.exe Probleme! falls du deinen nutzernamen unkenntlich gemacht hast, ersetze ihn im script! • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL O4 - HKU\S-1-5-21-4197386500-3420756583-2761024722-1001..\Run: [HKCU] C:\Users\°°\AppData\Roaming\system32\rundl32.exe (AZe) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\°°\AppData\Roaming\system32\rundl32.exe (AZe) O7 - HKU\S-1-5-21-4197386500-3420756583-2761024722-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\Users\°°\AppData\Roaming\system32\rundl32.exe (AZe) MsConfig:64bit - StartUpReg: HKCU - hkey= - key= - C:\Users\°°\AppData\Roaming\system32\rundl32.exe (AZe) MsConfig:64bit - StartUpReg: HKLM - hkey= - key= - C:\Users\°°\AppData\Roaming\system32\rundl32.exe (AZe) :Files C:\Users\°°\AppData\Roaming\system32 :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. öffne computer, öffne D: dann _OTL dort rechtsklick auf moved files wähle zu moved files.rar oder zip hinzufügen. http://www.trojaner-board.de/54791-a...ner-board.html
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
19.05.2011, 16:41 | #8 |
| rundl32.exe Probleme!Code:
ATTFilter All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-4197386500-3420756583-2761024722-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully. C:\Users\°°\AppData\Roaming\system32\rundl32.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully. File C:\Users\°°\AppData\Roaming\system32\rundl32.exe not found. Registry value HKEY_USERS\S-1-5-21-4197386500-3420756583-2761024722-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Policies deleted successfully. File C:\Users\°°\AppData\Roaming\system32\rundl32.exe not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\HKCU\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\HKLM\ not found. ========== FILES ========== C:\Users\°°\AppData\Roaming\system32 folder moved successfully. ========== COMMANDS ========== [EMPTYFLASH] User: Administrator User: All Users User: AppData User: Default User: Default User User: Public User: °° ->Flash cache emptied: 85276 bytes User: øø Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Administrator User: All Users User: AppData User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: °° ->Temp folder emptied: 4579363845 bytes ->Temporary Internet Files folder emptied: 213919885 bytes ->Java cache emptied: 3514818 bytes ->FireFox cache emptied: 522503020 bytes ->Flash cache emptied: 0 bytes User: øø ->Temporary Internet Files folder emptied: 1139260 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 155648 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 24322744 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50300 bytes RecycleBin emptied: 716289088 bytes Total Files Cleaned = 5.780,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 05192011_173242 Files\Folders moved on Reboot... C:\Users\°°\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\°°\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3A3560U\avatar-body[5].png moved successfully. C:\Users\°°\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NYVNK2L1\avatar-body[1].png moved successfully. Registry entries deleted on Reboot... EDIT Ich hab alles hochgeladen. Ist es das jetz schon gewesen? Fertig? Geändert von WeeD.StarR<3 (19.05.2011 um 16:50 Uhr) |
19.05.2011, 17:01 | #9 |
/// Malware-holic | rundl32.exe Probleme! nein. danke für den upload. bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
Themen zu rundl32.exe Probleme! |
antivir, antivir guard, avg, avira, bho, cyberghost, desktop, down, excel, firefox, google, hijack, hijackthis, internet, internet explorer, locker, logfile, mozilla, mywinlocker, pando media booster, plug-in, problem, prozesse, rundll, software, speedupmypc, stick, system, syswow64, taskmanager, windows, winload toolbar, wlan |