| |
| |||||||
Log-Analyse und Auswertung: Fehlermeldung Catalyst Control CenterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
29.05.2011, 16:16
| #1 |
 |  Fehlermeldung Catalyst Control Center Hallo, angefangen hat das Problem mit der Fehlermeldung Catalyst Control Center. Dazu kam noch das keine Dateien am Desktop oder im Explorer sichtbar waren. Ich habe die Fehlermeldung bei Google eingegeben und bin direkt auf dieses Forum gestoßen. Dabei ist mir ein Thema aufgefallen und habe das Program unhide.exe ausgeführt. Die Fehlermeldung ist jetzt weg und es werden auch wieder alle Dateien angezeigt. Ich kann mir aber nicht vorstellen das es mit dieser einen Aktion schon gewesen ist. Deswegen habe ich OTL drüber lassen und hoffe ihr könnt mir helfen. Vielen Dank schon mal im Voraus. Even Und Hier die Log-Dateien von OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 29.05.2011 16:42:59 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\user\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 73,16% Memory free 7,50 Gb Paging File | 6,44 Gb Available in Paging File | 85,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 234,28 Gb Total Space | 204,13 Gb Free Space | 87,13% Space Free | Partition Type: NTFS Drive D: | 108,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive X: | 231,18 Gb Total Space | 219,88 Gb Free Space | 95,11% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.05.29 16:41:09 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe ========== Modules (SafeList) ========== MOD - [2011.05.29 16:41:09 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe MOD - [2010.11.21 05:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.11.08 22:10:00 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.04.01 17:07:25 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.04.01 17:07:25 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.12.02 02:57:57 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2009.11.08 22:11:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009.11.08 22:10:00 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.09.30 13:58:28 | 001,304,576 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C ED 52 D4 B3 17 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FD DC 3D 02 D1 94 CB 4D 8E 58 34 17 76 93 29 B1 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51 FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1 FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.05.21 16:10:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.24 17:28:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.21 16:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions [2011.05.21 16:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\nrsrmvds.default\extensions [2011.05.21 16:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions File not found (No name found) -- () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NRSRMVDS.DEFAULT\EXTENSIONS\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [iTunesHelper] File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.05.28 12:41:46 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics [2011.05.28 11:59:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes [2011.05.28 11:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.28 11:59:35 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.05.28 09:30:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery [2011.05.27 21:20:36 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\MP3s [2011.05.27 19:48:29 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\USB kingston [2011.05.27 15:28:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SysWoW32 [2011.05.27 15:27:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753 [2011.05.25 09:37:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\HP [2011.05.24 17:29:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Apple Computer [2011.05.24 17:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.05.24 17:29:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.05.24 17:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011.05.24 17:29:11 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple Computer [2011.05.24 17:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.05.24 17:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.05.24 17:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.05.24 17:28:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apple [2011.05.24 17:28:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.05.24 17:28:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.05.24 17:27:57 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2011.05.24 17:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.05.24 17:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011.05.24 17:27:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.05.23 16:26:31 | 000,000,000 | R--D | C] -- C:\Users\user\Documents\Scanned Documents [2011.05.23 16:26:31 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Fax [2011.05.21 21:40:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Games [2011.05.21 16:59:25 | 000,000,000 | ---D | C] -- C:\pdf [2011.05.21 16:55:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\syska-Anwendungen [2011.05.21 16:55:47 | 000,000,000 | ---D | C] -- C:\EUROFIBU [2011.05.21 16:14:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mozilla [2011.05.21 16:14:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Mozilla [2011.05.21 16:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.05.21 16:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2011.05.21 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\HP [2011.05.21 16:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2011.05.21 16:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2011.05.21 16:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2011.05.21 16:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2011.05.21 16:08:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2011.05.21 16:08:30 | 000,000,000 | ---D | C] -- C:\Config.Msi [2011.05.21 16:04:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Diagnostics [2011.05.21 15:45:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia [2011.05.21 15:45:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011.05.21 15:44:44 | 000,000,000 | ---D | C] -- C:\Windows\AxInstSV [2011.05.21 15:24:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe [2011.05.21 15:24:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Adobe [2011.05.21 15:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011.05.21 15:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011.05.21 15:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.05.21 15:02:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\OpenOffice.org [2011.05.21 15:01:18 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011.05.21 15:00:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.05.21 15:00:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.05.21 15:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.05.21 15:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.05.21 14:57:28 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\OpenOffice.org 3.3 (de) Installation Files [2011.05.21 14:52:02 | 000,000,000 | ---D | C] -- C:\Programme\Java [2011.05.21 14:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2011.05.21 14:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2011.05.21 14:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011.05.21 14:24:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2011.05.21 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2011.05.21 14:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.05.21 14:23:46 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.05.21 14:21:16 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2011.05.21 14:21:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011.05.21 14:20:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Help [2011.05.21 14:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2011.05.21 14:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011.05.21 14:20:02 | 000,000,000 | R--D | C] -- C:\MSOCache [2011.05.21 14:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.05.21 14:17:20 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.05.21 14:17:20 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.05.21 14:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.05.21 14:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.05.10 09:52:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ATI [2011.05.10 09:52:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ATI [2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\Searches [2011.05.10 09:51:57 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.05.10 09:51:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Identities [2011.05.10 09:51:46 | 000,000,000 | R--D | C] -- C:\Users\user\Contacts [2011.05.10 09:51:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\VirtualStore [2011.05.10 09:49:49 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Videos [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Music [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Links [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Documents [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop [2011.05.10 09:49:49 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Vorlagen [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Verlauf [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Startmenü [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Netzwerkumgebung [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Lokale Einstellungen [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Videos [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Musik [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Eigene Dateien [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Eigene Bilder [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Druckumgebung [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Anwendungsdaten [2011.05.10 09:49:49 | 000,000,000 | -HSD | C] -- C:\Users\user\Anwendungsdaten [2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp [2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft [2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs [2011.05.10 09:49:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Programme [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.05.10 09:49:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten ========== Files - Modified Within 30 Days ========== [2011.05.29 16:33:54 | 000,021,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.29 16:33:54 | 000,021,264 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.29 16:30:54 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.05.29 16:30:54 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.05.29 16:30:54 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.05.29 16:30:54 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.05.29 16:30:54 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.05.29 16:26:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.29 16:26:25 | 3019,251,712 | -HS- | M] () -- C:\hiberfil.sys [2011.05.28 12:15:57 | 000,001,265 | ---- | M] () -- C:\ProgramData\1547321422 [2011.05.28 11:50:16 | 000,000,036 | ---- | M] () -- C:\ProgramData\7cc03c35 [2011.05.28 11:46:58 | 000,000,144 | -HS- | M] () -- C:\ProgramData\2081450850 [2011.05.28 09:31:40 | 000,000,136 | ---- | M] () -- C:\ProgramData\~51174532 [2011.05.28 09:31:39 | 000,000,160 | ---- | M] () -- C:\ProgramData\~51174532r [2011.05.28 09:30:11 | 000,000,344 | ---- | M] () -- C:\ProgramData\51174532 [2011.05.27 15:27:46 | 000,203,776 | -HS- | M] () -- C:\ProgramData\unrar.exe [2011.05.27 15:27:20 | 000,000,127 | ---- | M] () -- C:\Windows\SysWow64\1458449477 [2011.05.27 15:18:27 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.24 17:28:28 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.05.21 17:01:43 | 000,445,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.05.21 16:55:53 | 000,001,560 | ---- | M] () -- C:\Windows\EFIBU.INI [2011.05.21 16:54:09 | 000,000,042 | ---- | M] () -- C:\Windows\wininit.ini [2011.05.21 16:52:27 | 000,000,000 | ---- | M] () -- C:\Windows\MKDEWE.TRN [2011.05.21 16:14:06 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.21 16:11:36 | 000,181,704 | ---- | M] () -- C:\Windows\hpoins28.dat [2011.05.21 16:10:03 | 000,001,358 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2011.05.21 16:06:30 | 000,002,703 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk [2011.05.21 16:06:23 | 000,002,697 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk [2011.05.21 16:06:18 | 000,002,795 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk [2011.05.21 15:24:23 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.05.21 15:02:49 | 000,001,246 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011.05.21 15:01:18 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.05.21 14:31:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.21 14:31:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.21 14:17:27 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.05.21 14:15:48 | 000,000,355 | ---- | M] () -- C:\Users\user\Desktop\Computer - Verknüpfung.lnk [2011.05.10 09:52:02 | 000,000,858 | ---- | M] () -- C:\Users\user\Desktop\Downloads.lnk [2011.05.10 09:49:24 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.05.10 09:49:24 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2011.05.29 16:33:24 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.05.29 16:33:24 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.05.29 16:33:24 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.05.29 16:33:24 | 000,001,358 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2011.05.29 16:33:24 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.29 16:33:24 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.05.28 09:31:39 | 000,000,160 | ---- | C] () -- C:\ProgramData\~51174532r [2011.05.28 09:31:39 | 000,000,136 | ---- | C] () -- C:\ProgramData\~51174532 [2011.05.28 09:30:11 | 000,000,344 | ---- | C] () -- C:\ProgramData\51174532 [2011.05.27 15:28:07 | 000,000,036 | ---- | C] () -- C:\ProgramData\7cc03c35 [2011.05.27 15:28:00 | 000,001,265 | ---- | C] () -- C:\ProgramData\1547321422 [2011.05.27 15:27:46 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe [2011.05.27 15:27:46 | 000,000,144 | -HS- | C] () -- C:\ProgramData\2081450850 [2011.05.27 15:27:19 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\1458449477 [2011.05.27 15:18:27 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.21 16:54:09 | 000,000,042 | ---- | C] () -- C:\Windows\wininit.ini [2011.05.21 16:52:27 | 000,000,000 | ---- | C] () -- C:\Windows\MKDEWE.TRN [2011.05.21 16:08:06 | 000,181,704 | ---- | C] () -- C:\Windows\hpoins28.dat [2011.05.21 16:08:06 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat [2011.05.21 16:06:30 | 000,002,703 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk [2011.05.21 16:06:23 | 000,002,697 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk [2011.05.21 16:06:18 | 000,002,795 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk [2011.05.21 15:02:49 | 000,001,246 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011.05.21 14:31:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.21 14:31:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.21 14:15:48 | 000,000,355 | ---- | C] () -- C:\Users\user\Desktop\Computer - Verknüpfung.lnk [2011.05.10 09:52:03 | 000,001,416 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.05.10 09:51:59 | 000,001,450 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.05.10 09:51:58 | 000,000,858 | ---- | C] () -- C:\Users\user\Desktop\Downloads.lnk [2011.04.08 08:20:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.05.17 11:30:12 | 000,001,560 | ---- | C] () -- C:\Windows\EFIBU.INI ========== LOP Check ========== [2011.05.21 15:02:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice.org [2009.07.14 07:08:49 | 000,020,034 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7[/QUOTE] [QUOTE]OTL Extras logfile created on: 29.05.2011 16:42:59 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\user\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 73,16% Memory free 7,50 Gb Paging File | 6,44 Gb Available in Paging File | 85,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 234,28 Gb Total Space | 204,13 Gb Free Space | 87,13% Space Free | Partition Type: NTFS Drive D: | 108,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive X: | 231,18 Gb Total Space | 219,88 Gb Free Space | 95,11% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour "{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit) "{39FE4416-BCD3-5CE9-E5D9-9E46B1948DED}" = ccc-utility64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{7385C8E4-66A7-91C3-FC45-5640D309F897}" = ATI Catalyst Install Manager "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Shop for HP Supplies" = Shop for HP Supplies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4B54AC57-9FCE-C8FB-ED64-78255F7799AC}" = Catalyst Control Center Graphics Light "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5D7CA0B8-32F3-6050-4B5C-73BFDBBAD0D1}" = Catalyst Control Center Graphics Full New "{5F2DFE11-8EB7-18B1-91A8-439F3C4A33C9}" = Catalyst Control Center InstallProxy "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{72A61E3B-A04A-5242-20A9-A728C8AFD036}" = CCC Help English "{7A6173DA-867A-956A-532E-AEFFB01CC708}" = Catalyst Control Center Core Implementation "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A3BBD8AC-2B6B-F097-77E9-CDD147E667B0}" = Catalyst Control Center Graphics Previews Vista "{A5B7F0AE-657D-B653-177B-17E57BFC9BDB}" = Catalyst Control Center Graphics Full Existing "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{B764714F-D647-C7A7-E0AB-3BE54CD83E83}" = Skins "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C5A08ABF-3595-FE4B-7471-5469FC0E8A8B}" = ccc-core-static "{C98940D2-AB1E-0A97-6C49-B69081C8AE13}" = Catalyst Control Center Localization All "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "EFIBU.EXE" = EURO FIBU "ENTERPRISE" = Microsoft Office Enterprise 2007 "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 27.05.2011 08:31:18 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 27.05.2011 09:03:25 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327 Description = Error - 27.05.2011 09:15:39 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327 Description = Error - 27.05.2011 09:19:51 | Computer Name = user-PC | Source = MsiInstaller | ID = 11327 Description = Error - 27.05.2011 09:27:21 | Computer Name = user-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: QuickTime_Update_KB172101.exe, Version: 0.0.0.0, Zeitstempel: 0x4ddde52a Name des fehlerhaften Moduls: QuickTime_Update_KB172101.exe, Version: 0.0.0.0, Zeitstempel: 0x4ddde52a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000314f ID des fehlerhaften Prozesses: 0xc18 Startzeit der fehlerhaften Anwendung: 0x01cc1c71cd4c930f Pfad der fehlerhaften Anwendung: C:\Users\user\Downloads\QuickTime_Update_KB172101.exe Pfad des fehlerhaften Moduls: C:\Users\user\Downloads\QuickTime_Update_KB172101.exe Berichtskennung: 0cd23a45-8865-11e0-a95e-d027883d050f Error - 27.05.2011 09:53:51 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 27.05.2011 11:23:57 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 27.05.2011 13:49:17 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 27.05.2011 14:06:32 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = Error - 27.05.2011 14:38:18 | Computer Name = user-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 29.05.2011 09:58:16 | Computer Name = user-PC | Source = MCUpdate | ID = 0 Description = 15:58:16 - Fehler beim Herstellen der Internetverbindung. 15:58:16 - Serververbindung konnte nicht hergestellt werden.. Error - 29.05.2011 09:58:29 | Computer Name = user-PC | Source = MCUpdate | ID = 0 Description = 15:58:21 - Fehler beim Herstellen der Internetverbindung. 15:58:21 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 10.05.2011 03:50:59 | Computer Name = user-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "kl2" wurde aufgrund folgenden Fehlers nicht gestartet: %%31 Error - 21.05.2011 07:49:18 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: kl2 Error - 21.05.2011 07:51:29 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: kl2 Error - 21.05.2011 08:08:09 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?21.?05.?2011 um 14:06:14 unerwartet heruntergefahren. Error - 21.05.2011 08:08:19 | Computer Name = user-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: kl2 Error - 21.05.2011 08:08:40 | Computer Name = user-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16405 Error - 24.05.2011 01:57:47 | Computer Name = user-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?23.?05.?2011 um 21:31:32 unerwartet heruntergefahren. < End of report > |
|
30.05.2011, 14:59
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Fehlermeldung Catalyst Control Center Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ |
|
30.05.2011, 18:46
| #3 | |
| | Fehlermeldung Catalyst Control Center Hi,
__________________hier der Log: Zitat:
|
|
30.05.2011, 19:33
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
[2011.05.28 09:30:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.05.27 15:28:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\SysWoW32
[2011.05.27 15:27:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\BAF2C0597B6D0AC1B8A317E4EAD56753
[2011.05.28 12:15:57 | 000,001,265 | ---- | M] () -- C:\ProgramData\1547321422
[2011.05.28 11:50:16 | 000,000,036 | ---- | M] () -- C:\ProgramData\7cc03c35
[2011.05.28 11:46:58 | 000,000,144 | -HS- | M] () -- C:\ProgramData\2081450850
[2011.05.28 09:31:40 | 000,000,136 | ---- | M] () -- C:\ProgramData\~51174532
[2011.05.28 09:31:39 | 000,000,160 | ---- | M] () -- C:\ProgramData\~51174532r
[2011.05.28 09:30:11 | 000,000,344 | ---- | M] () -- C:\ProgramData\51174532
[2011.05.27 15:27:46 | 000,203,776 | -HS- | M] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:20 | 000,000,127 | ---- | M] () -- C:\Windows\SysWow64\1458449477
[2011.05.28 09:31:39 | 000,000,160 | ---- | C] () -- C:\ProgramData\~51174532r
[2011.05.28 09:31:39 | 000,000,136 | ---- | C] () -- C:\ProgramData\~51174532
[2011.05.28 09:30:11 | 000,000,344 | ---- | C] () -- C:\ProgramData\51174532
[2011.05.27 15:28:07 | 000,000,036 | ---- | C] () -- C:\ProgramData\7cc03c35
[2011.05.27 15:28:00 | 000,001,265 | ---- | C] () -- C:\ProgramData\1547321422
[2011.05.27 15:27:46 | 000,203,776 | -HS- | C] () -- C:\ProgramData\unrar.exe
[2011.05.27 15:27:46 | 000,000,144 | -HS- | C] () -- C:\ProgramData\2081450850
[2011.05.27 15:27:19 | 000,000,127 | ---- | C] () -- C:\Windows\SysWow64\1458449477
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:8C35AEA7
:Commands
[purity]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
30.05.2011, 19:50
| #5 | |
| | Fehlermeldung Catalyst Control Center hi, so hier das Logfile Zitat:
|
|
30.05.2011, 19:58
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.  Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )  Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ --> Fehlermeldung Catalyst Control Center |
|
30.05.2011, 20:05
| #7 | |
| | Fehlermeldung Catalyst Control Center hi, unhide.exe hab ich nicht ausgeführt, da alle dateien sichtbar sind Zitat:
|
|
30.05.2011, 20:07
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.05.2011, 20:33
| #9 |
| | Fehlermeldung Catalyst Control Center hi, habe combofix ausgeführt: Combofix Logfile: Code:
ATTFilter ComboFix 11-05-30.04 - user 30.05.2011 21:22:55.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3839.2565 [GMT 2:00]
ausgeführt von:: c:\users\user\Desktop\cofi.exe.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
c:\users\user\AppData\Roaming\Adobe\plugs
c:\users\user\AppData\Roaming\Adobe\shed
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-04-28 bis 2011-05-30 ))))))))))))))))))))))))))))))
.
.
2011-05-30 19:25 . 2011-05-30 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-30 18:46 . 2011-05-30 18:46 -------- d-----w- C:\_OTL
2011-05-30 17:12 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-30 17:12 . 2011-05-30 17:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-29 17:13 . 2011-05-29 17:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-05-29 15:57 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-29 15:57 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-29 14:58 . 2011-05-29 14:58 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-28 09:59 . 2011-05-28 09:59 -------- d-----w- c:\programdata\Malwarebytes
2011-05-28 09:59 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-28 05:31 . 2011-05-18 10:37 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{841A471E-850A-466B-8ED6-C096D4F21C7E}\mpengine.dll
2011-05-26 17:44 . 2011-05-26 17:44 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-05-26 17:44 . 2011-05-26 17:44 845632 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-25 05:22 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 15:29 . 2011-05-24 15:29 -------- dc----w- c:\windows\system32\DRVSTORE
2011-05-24 15:29 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-05-24 15:28 . 2011-05-24 15:28 -------- d-----w- c:\program files (x86)\QuickTime
2011-05-24 15:28 . 2011-05-24 15:28 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-05-24 15:28 . 2011-05-24 15:28 -------- d-----w- c:\program files\Common Files\Apple
2011-05-24 15:27 . 2011-05-24 15:29 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-05-24 15:27 . 2011-05-24 15:27 -------- d-----w- c:\programdata\Apple
2011-05-21 14:59 . 2011-05-21 14:59 -------- d-----w- C:\pdf
2011-05-21 14:55 . 2011-05-21 14:56 -------- d-----w- C:\EUROFIBU
2011-05-21 14:11 . 2011-05-21 14:11 -------- d-----w- c:\programdata\WEBREG
2011-05-21 14:10 . 2011-05-21 14:10 -------- d-----w- c:\programdata\HP Product Assistant
2011-05-21 14:09 . 2011-05-21 14:09 -------- d-----w- c:\program files (x86)\Common Files\HP
2011-05-21 14:08 . 2011-05-21 14:08 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2011-05-21 14:08 . 2011-05-21 14:10 -------- d-----w- c:\program files (x86)\HP
2011-05-21 14:07 . 2009-07-08 10:51 938496 ----a-w- c:\windows\system32\hpowiax7.dll
2011-05-21 14:07 . 2009-07-08 10:51 740864 ----a-w- c:\windows\system32\hpotscl6.dll
2011-05-21 14:07 . 2009-07-08 10:51 642360 ----a-w- c:\windows\system32\hpzids40.dll
2011-05-21 14:07 . 2009-07-08 10:51 551424 ----a-w- c:\windows\system32\hppldcoi.dll
2011-05-21 14:07 . 2009-07-08 10:51 505344 ----a-w- c:\windows\system32\hpovst15.dll
2011-05-21 13:45 . 2011-05-21 18:34 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-21 13:45 . 2011-05-21 13:45 -------- d-----w- c:\windows\SysWow64\Macromed
2011-05-21 13:44 . 2011-05-21 13:45 -------- d-----w- c:\windows\AxInstSV
2011-05-21 13:24 . 2011-05-21 13:24 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-05-21 13:05 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-05-21 13:00 . 2011-05-21 13:00 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2011-05-21 13:00 . 2011-05-29 17:13 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-21 13:00 . 2011-05-21 13:00 -------- d-----w- c:\program files (x86)\Java
2011-05-21 12:52 . 2011-05-21 12:52 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-21 12:35 . 2011-05-21 14:11 -------- d-----w- c:\programdata\HP
2011-05-21 12:34 . 2011-05-21 12:34 -------- d-----w- c:\programdata\Hewlett-Packard
2011-05-21 12:34 . 2009-07-14 01:41 230400 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2011-05-21 12:25 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-21 12:25 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-21 12:25 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-21 12:25 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-21 12:25 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-21 12:24 . 2011-05-21 12:24 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-05-21 12:23 . 2011-05-21 12:23 -------- d-----w- c:\windows\PCHEALTH
2011-05-21 12:21 . 2011-05-21 12:21 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-05-21 12:20 . 2011-05-21 12:26 -------- d-----w- c:\programdata\Microsoft Help
2011-05-21 12:20 . 2011-05-21 12:20 -------- d-----r- C:\MSOCache
2011-05-21 12:17 . 2011-05-21 12:17 -------- d-----w- c:\programdata\Avira
2011-05-21 12:17 . 2011-05-21 12:17 -------- d-----w- c:\program files (x86)\Avira
2011-05-21 12:17 . 2011-04-01 15:07 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-05-21 12:17 . 2011-04-01 15:07 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-05-21 11:54 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-21 11:54 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-21 11:54 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-05-21 11:54 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-05-21 11:54 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-21 11:54 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-05-21 11:54 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-21 11:54 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-21 11:54 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-10 07:49 . 2011-05-30 17:20 -------- d-----w- c:\users\user
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 06:19 . 2011-05-21 11:53 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-05-21 11:53 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
.
c:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FXDrv32;FXDrv32;D:\FXDrv64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-28 136360]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 10944739
*Deregistered* - 10944739
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.at/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nrsrmvds.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-iTunesHelper - j:\johannes\iTunesHelper.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-05-30 21:26:43
ComboFix-quarantined-files.txt 2011-05-30 19:26
.
Vor Suchlauf: 13 Verzeichnis(se), 217.339.572.224 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 217.803.595.776 Bytes frei
.
- - End Of File - - 7A79AD1219CA6AE6030FEE1A45B07D01
danach waren die verküpfungen an der taskleiste nicht mehr vorhanden (Pfad??) gruß even |
|
30.05.2011, 21:13
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Bitte nun Logs mit GMER und mbrcheck erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg Anleitung zu mbrcheck: Downloade Dir MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.05.2011, 21:42
| #11 | |
| | Fehlermeldung Catalyst Control Center hallo, hoffe ich habs richtig gemacht: GMER hat nichts gefunden und das andere log: Zitat:
Geändert von even (30.05.2011 um 22:03 Uhr) |
|
31.05.2011, 10:00
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.05.2011, 17:27
| #13 | |
| | Fehlermeldung Catalyst Control Center hallo, also maleware hat nichts gefunden. SUPERAntiSpyware Log: Zitat:
gruß even |
|
31.05.2011, 18:24
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fehlermeldung Catalyst Control Center Die Funde mit SUPERAntiSpyware bitte entfernen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.05.2011, 18:56
| #15 |
| | Fehlermeldung Catalyst Control Center hi, so die Funde von SUPERAntiSpyware habe ich entfernt. der ESET Scan hatte einen fund aber ich finde das Log leider nicht. Gruß even |
|
| Themen zu Fehlermeldung Catalyst Control Center |
| 64-bit, alternate, antivir, autorun, avira, bho, bonjour, c:\windows\system32\rundll32.exe, desktop, error, excel, firefox, flash player, google, helper, home, install.exe, installation, keine dateien, langs, logfile, microsoft office word, mozilla, msiinstaller, object, oldtimer, plug-in, problem, realtek, registry, scan, searchplugins, security, senden, shell32.dll, shortcut, software, start menu, syswow64, webcheck, windows |
Linear-Darstellung
