:hallo:
Rechner von Internet trennen! Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin). - Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
- Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen". - Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:
Code:
:OTL
SRV - [2012.07.14 10:26:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.27 17:01:34 | 000,791,488 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE:64bit: - HKLM\..\SearchScopes\{4E753C7E-2C9F-4FB2-A281-DE69E6270F2D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes\{61F80AC1-835D-4349-B442-9FCFFAA705CD}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=fe3eda34-04c2-11e1-a7e3-0090f5bb250e&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EE1CDBEC-798E-4C49-8AD9-8C140953D30F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSBTDF&pc=MASB&src=IE-SearchBox
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKCU\..\SearchScopes\{61F80AC1-835D-4349-B442-9FCFFAA705CD}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=fe3eda34-04c2-11e1-a7e3-0090f5bb250e&q={searchTerms}
IE - HKCU\..\SearchScopes\{9A53CB25-C47A-4F50-A10F-9BBCFA1EB2DB}: "URL" = http://www.google.de/#hl=de&xhr=t&q={searchTerms}&cp=3&pf=p&sclient=psy&site=&source=hp&aq=0&aqi=&aql=&oq=TES&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=6cebbb4b5ea010e4&biw=1600&bih=719
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{F20D9377-09E8-4815-AA82-878B719A8441}: "URL" = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.startup.homepage: "http://search.imesh.com"
FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKCU..\Run: [eujegcbvjeukrps] C:\ProgramData\eujegcbv.exe ()
O4 - Startup: C:\Users\Marcel Berger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
[2012.07.20 22:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\zhdiotjdjznnylr
[2012.07.20 22:33:02 | 000,000,051 | ---- | M] () -- C:\ProgramData\gzzddyhibmwoxiz
[2012.07.20 22:32:59 | 000,053,248 | ---- | M] () -- C:\ProgramData\eujegcbv.exe
[2012.07.08 22:14:55 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2012.07.08 22:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012.07.08 22:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2012.07.08 22:14:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012.07.20 22:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\zhdiotjdjznnylr
[2012.07.20 22:33:02 | 000,000,051 | ---- | M] () -- C:\ProgramData\gzzddyhibmwoxiz
[2012.07.20 22:33:02 | 000,053,248 | ---- | C] () -- C:\ProgramData\eujegcbv.exe
[2012.07.20 22:33:00 | 000,000,051 | ---- | C] () -- C:\ProgramData\gzzddyhibmwoxiz
[2012.07.21 00:14:09 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.20 22:46:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.20 22:32:59 | 000,053,248 | ---- | M] () -- C:\ProgramData\eujegcbv.exe
[2012.07.20 22:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.20 23:57:39 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\00000008.@
[2012.07.14 10:31:51 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.07.14 10:31:28 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.14 10:31:27 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.13 16:51:43 | 000,000,000 | ---D | C] -- C:\Users\Marcel Berger\AppData\Local\Macromedia
[2012.07.13 16:51:35 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.09 22:51:55 | 000,095,744 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\80000032.@
[2012.07.09 22:51:54 | 000,080,896 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\80000064.@
[2012.07.09 22:51:54 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\L\00000004.@
[2012.07.09 22:51:52 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\80000000.@
[2012.07.09 22:51:51 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\00000004.@
[2012.07.09 22:51:51 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\U\000000cb.@
[2012.07.09 22:52:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.01.11 21:21:12 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\@
[2012.01.11 21:21:12 | 000,002,048 | -HS- | C] () -- C:\Users\Marcel Berger\AppData\Local\{16cf9c8d-c14b-e834-afb4-1906ce919c9a}\@
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
- Schließe alle Programme.
- Klicke auf den Fix Button.
- Wenn OTL einen Neustart verlangt, bitte zulassen.
- Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
