Trojan.Win32.Generic!BT über AdAware gefunden
 

Hallo zusammen,
ich hoffe ich mache alles richtig:
Ich habe heute Abend einen Vollständigen Scan mit AdAware durchgeführt, dabei wurde folgende Datei entdeckt: Trojan.Win32.Generic!BT und zwar unter c:\program files\clearprog\ebay\ebayshortcuts.exe
Nach ein wenig Suchen, was dieser Trojaner verursacht bin ich auf dieses Forum gestoßen. Ad Aware meldet in letzter Zeit häufiger, dass es heruntergefahren wurde.
Den Log von AdAware habe ich beigefügt.
Dann habe ich LOAD heruntergeladen und die Schritte 1-4 erfolgreich abgeschlossen. Für Schritt 5 wollte ich AVG Anti-Virus Free Edition 2011 beenden, dies funktionierte aber nicht. Nur AdAware konnte ich beenden.
Dann habe ich g2m3e4r gestartet, und habe wie gewünscht auf scan gedrückt: Dann kam nach einer Weile "Gmer funktioniert nicht mehr". Ich habe es erneut gestartet und der Scan fing wieder an, dann wurde der Bildschirm Blau und es war von einem Stop Error Screen die Rede.
Daraufhin habe ich den PC neugestartet und schreibe nun diese Zeilen...
Danke schonmal für die Hilfe!

Hallo und :hallo:

:glaskugel: du hast nicht gelesen, was du dir bei ClearProg mitinstalliert hast...
Die Ebayshortcuts können während der installation abgewählt werden:rolleyes:

Überprüfe dein System mal mit Malwarebytes und erstelle bitte ein Log mit OTL

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)

• Doppelklick auf die OTL.exe
• Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
• Unter Extra Registrierung, wähle bitte Benutze SafeList
• Klicke nun auf Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste alle Logfiles hier in den Thread.

MFG

Danke für die superschnelle Antwort.

Hier kommen die Logs:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5650

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

01.02.2011 21:34:14
mbam-log-2011-02-01 (21-34-14).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 143057
Laufzeit: 4 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)OTL Logfile:
--- --- ---
OTL Logfile:
--- --- ---

Vielen Dank

Hallo

Fixen mit OTL

• Starte bitte die OTL.exe.
  Vista und Win7 User: mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die http://image.hijackthis.eu/upload/hjt1-021.jpg Textbox.

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument.
  Kopiere nun den Inhalt hier in Deinen Thread

Lass bitte diese Dateien
C:\Windows\System32\UnzDll.dll
C:\Windows\System32\drivers\HOTKEY.sys
C:\Windows\System32\lsdelete.exe
hier Virustotal, hier virscan.org
oder hier Jotti überprüfen (kann einige Minuten dauern),
poste die gesamten Ergebnisse mit der Angabe der Größe der hochgeladenen Datei sowie die MD5 und SHA1 Angaben oder verlinke auf die Auswertung,
bitte auch wenn nichts gefunden wurde.

BTW. von ersten OTL Scan fehlt die Extras.txt Datei, die würd ich gern sehen.

MFG

Hallo,
hier kommt zunächt die fehlende OTL Extras Logfile. An den anderen Schritten versuche ich mich jetzt...OTL EXTRAS Logfile:
--- --- ---

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{43978C33-0533-4C09-93C6-59DAC4C7736B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AF30254F-B22A-4F24-8052-88EF1E7E5347}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D34CE02B-4070-4368-93F2-83213C802A6E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10D7A0A5-874F-4AEF-946B-8C06E88953D0}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{14AB5FC2-D834-4F8C-8D39-46CCF9245F3C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{19FFEBDB-3944-45FD-842E-C0CAC428DD67}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2E9D9C0B-0137-483D-B92A-CD530592F3E6}" = dir=in | app=c:\program files\home cinema\powerdvd\powerdvd.exe |
"{3BA65083-3F97-464C-9EF6-4EA2B59F3CCD}" = dir=in | app=c:\program files\home cinema\makedisc\makedisc.exe |
"{421BA3AE-7C99-4EB8-A4E1-5AAAC26133D7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{4B438081-401D-4632-82D1-3B11998C26E8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4BC4E3DD-1050-4B48-9F68-9FA2740DFEF5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{5242F66A-32D3-40BD-BA15-A09FD5BA67F2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{64271565-696C-43B5-96FD-D76E334A9F2A}" = protocol=6 | dir=in | app=e:\dwizard300.exe |
"{8B8256C9-E6E4-445D-B5DD-2A405D7A28F9}" = protocol=17 | dir=in | app=e:\dwizard300.exe |
"{8F968976-1FED-4E3E-BBF4-BFD59BEC97A4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{A09338A2-CC74-4A5A-9F57-928168995000}" = dir=in | app=c:\program files\cyberlink\powerdv\powerdv.exe |
"{A1809F26-F99C-4717-B765-5E4897233212}" = protocol=17 | dir=in | app=e:\libneap.dll |
"{A33F2E88-A531-4998-B70D-BA0608234BCD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B8D386D2-9E65-464E-AB29-F303DBE67072}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{BB8C52AB-7757-478A-A5E6-C8995C3B6246}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{CB9975AD-1FF8-4F06-A91A-276919AECBB7}" = protocol=6 | dir=in | app=e:\libneap.dll |
"{CDBEB067-3760-4F26-9C32-2F4450F24E14}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{F3289106-9270-44C2-A8C5-5B3A4BDB0EFF}" = dir=in | app=c:\program files\home cinema\powerdirector\pdr.exe |
"{F736CADE-D8C1-4572-BE47-619F692260B9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F846E7AC-1657-4590-8D5F-3A90304AB2C1}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{F88D2146-E7DB-4AD7-A844-DCD4E2292B3C}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{FCFA9CB3-DC67-45F7-878A-3F9B9BC92F7A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{09419647-E452-4D63-A80B-006230DAFE29}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{16509B15-D827-421E-9513-2D99BB938544}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe |
"TCP Query User{236587C3-484D-4435-8719-5BC7682C41AA}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{2F81C50F-CA73-45E4-88D7-DAD43275076F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{425716A9-3561-40B4-9EA5-DD3844D96A32}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5B7F9E6B-61CC-47A1-A2BC-20B12C3BC90F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{896A7324-A245-400A-A017-C3AD4B2026F0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{8D9F2EF9-8723-4446-AE85-00DEEE905907}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{B241494C-A66C-40EB-B279-764FA4EB44F9}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{D028D75F-5B82-443C-99FB-229C92D45162}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{D69B4A2C-F478-487D-AC1C-1E2AFCA126E1}C:\program files\project reloaded\project reloaded.exe" = protocol=6 | dir=in | app=c:\program files\project reloaded\project reloaded.exe |
"TCP Query User{DCF8DB70-2DD3-4C78-983E-90AFE44305AC}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{20A0137A-2407-450C-BB50-4E0E17F35EB0}C:\program files\project reloaded\project reloaded.exe" = protocol=17 | dir=in | app=c:\program files\project reloaded\project reloaded.exe |
"UDP Query User{35A921F6-8CAD-46B2-8E9E-269D472E71DC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{4C04DEB6-C107-43EC-8BB6-3BACE7BDCD13}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4C1E73E6-C951-44B2-87FF-896E861D8DC2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{550580C2-664D-42D5-8515-A21AC95B1483}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{5C696778-A0F4-4137-8FE9-CEA0C7CA11CC}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{853D2E95-B467-4D53-A9ED-6792EE681835}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe |
"UDP Query User{90AC0694-6B60-4295-B54E-0BC6FFB45625}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{9BBC2536-92FE-4B97-A63E-BC1FB3712C53}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{AB27F514-F171-4D1C-96D0-4678305B67F2}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{B640049A-64A2-4FF0-ADA4-E0FBB689C181}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{D7671EE0-8C99-41F0-8684-632CD9281F55}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63B75E16-F290-4FCD-AF67-A9134CD01031}" = Nero 7 Essentials
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87079BC7-1A1E-4520-B5C3-9AF582FA26FD}" = AuthenTec Fingerprint Sensor Minimum Install
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{A276502A-8979-44FB-8090-90CF72F22ABC}" = AVG 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.5 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B804C424-B66D-447A-84BD-C6B88C392C3A}" = PowerDV
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.8
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 5.00.74
"{FEDE400D-3381-4087-ACCB-689DD8A56123}" = Inst5657
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ArtistScope Plugin FX 424.2.0.0" = ArtistScope Plugin FX 42
"Audacity_is1" = Audacity 1.2.6
"AVG" = AVG 2011
"ClearProg" = ClearProg 1.6.1 Beta 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Stylus C110_D120 Benutzerhandbuch" = EPSON Stylus C110_D120 Handbuch
"EPSON SX110 Series" = Druckerdeinstallation für EPSON SX110 Series
"ERUNT_is1" = ERUNT 1.1j
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued 6.0.2.0 (D)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)
"PDF Password Remover v3.1_is1" = PDF Password Remover v3.1
"RealPlayer 6.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
"Zattoo" = Zattoo 3.3.1 Beta

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.10.2009 04:47:07 | Computer Name = Julia-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung scureapp.exe, Version 5.0.0.1, Zeitstempel 0x46dd99b1,
fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
0xc0000005, Fehleroffset 0x00000000, Prozess-ID 0xaa4, Anwendungsstartzeit 01ca459835572579.

Error - 05.10.2009 04:47:20 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:20 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:21 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05.10.2009 04:47:22 | Computer Name = Julia-PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 20.11.2007 16:12:01 | Computer Name = Julia-PC | Source = ehRecvr | ID = 4
Description =

Error - 03.12.2007 10:38:57 | Computer Name = Julia-PC | Source = ehRecvr | ID = 4
Description =

Error - 11.09.2008 12:52:12 | Computer Name = Julia-PC | Source = ehRecvr | ID = 4
Description =

Error - 24.04.2009 08:52:02 | Computer Name = Julia-PC | Source = ehRecvr | ID = 4
Description =

[ System Events ]
Error - 31.01.2011 13:31:36 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 31.01.2011 18:39:33 | Computer Name = Julia-PC | Source = DCOM | ID = 10010
Description =

Error - 31.01.2011 18:41:08 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 31.01.2011 18:47:19 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 31.01.2011 19:09:28 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 31.01.2011 19:42:15 | Computer Name = Julia-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 01.02.2011 um 00:38:00 unerwartet heruntergefahren.

Error - 31.01.2011 19:42:41 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 31.01.2011 19:48:27 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 01.02.2011 15:44:29 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 01.02.2011 15:47:32 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7011
Description =


< End of report >

Hier kommt das Dokument nach dem Fix mit OTL

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\Windows\Downloaded Program Files\setup.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91}
C:\Windows\Downloaded Program Files\mail_upload.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}
C:\Windows\Downloaded Program Files\WMDL.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9}\ not found.
Starting removal of ActiveX control {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}
C:\Windows\Downloaded Program Files\fscax.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
C:\Windows\Downloaded Program Files\OberonGameHost_dbg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0058e61d-fb5f-11de-a88d-0016d3c09ec9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0058e61d-fb5f-11de-a88d-0016d3c09ec9}\ not found.
File G:\Menu.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Julia
->Temp folder emptied: 188611 bytes
->Temporary Internet Files folder emptied: 1450629 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 42223888 bytes
->Flash cache emptied: 922 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 302 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02022011_145255

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\JET9EED.tmp not found!
C:\Windows\temp\JETBB33.tmp moved successfully.

Registry entries deleted on Reboot...

VirusTotal - Free Online Virus, Malware and URL Scanner

VirusTotal - Free Online Virus, Malware and URL Scanner

VirusTotal - Free Online Virus, Malware and URL Scanner

Hallo

die Links zu Virustotal sind keine, ich kann die Ergebnisse nicht sehen, versuch es bitte nochmal.

Deinstalliere bitte alle alten Java sowie Adobe Reader Versionen und versorge dich hier mit den aktuellen
Java
Adobe Reader
überprüfe bitte auch ob die neuesten Flashversionen installiert sind
Adobe - Andere Version des Adobe Flash Player installieren
Hast du in letzter Zeit mal die Updateseite von M$ besucht:blabla:?
Wenn nicht, mal alle verfügbaren Updates einspielen
Microsoft Sicherheits-Portal

MFG

File name:
UnzDll.dll
Submission date:
2011-02-04 09:54:59 (UTC)
Current status:
queued queued (#82) analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.69 2011.02.04 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.03 -
Avast5 5.0.677.0 2011.02.03 -
AVG 10.0.0.1190 2011.02.04 -
BitDefender 7.2 2011.02.04 -
CAT-QuickHeal 11.00 2011.02.04 -
ClamAV 0.96.4.0 2011.02.04 -
Commtouch 5.2.11.5 2011.02.04 -
Comodo 7586 2011.02.04 -
DrWeb 5.0.2.03300 2011.02.04 -
Emsisoft 5.1.0.2 2011.02.04 -
eSafe 7.0.17.0 2011.02.03 -
eTrust-Vet 36.1.8140 2011.02.04 -
F-Prot 4.6.2.117 2011.02.01 -
F-Secure 9.0.16160.0 2011.02.04 -
Fortinet 4.2.254.0 2011.02.04 -
GData 21 2011.02.04 -
Ikarus T3.1.1.97.0 2011.02.04 -
Jiangmin 13.0.900 2011.02.04 -
K7AntiVirus 9.81.3737 2011.02.03 -
Kaspersky 7.0.0.125 2011.02.04 -
McAfee 5.400.0.1158 2011.02.04 -
McAfee-GW-Edition 2010.1C 2011.02.04 -
Microsoft 1.6502 2011.02.04 -
NOD32 5845 2011.02.04 -
Norman 6.07.03 2011.02.03 -
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.03 -
PCTools 7.0.3.5 2011.02.04 -
Prevx 3.0 2011.02.04 -
Rising 23.43.04.02 2011.02.04 -
Sophos 4.61.0 2011.02.04 -
SUPERAntiSpyware 4.40.0.1006 2011.02.04 -
Symantec 20101.3.0.103 2011.02.04 -
TheHacker 6.7.0.1.123 2011.02.02 -
TrendMicro 9.200.0.1012 2011.02.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.04 -
VBA32 3.12.14.3 2011.02.02 -
VIPRE 8302 2011.02.04 -
ViRobot 2011.2.4.4292 2011.02.04 -
VirusBuster 13.6.180.0 2011.02.03 -
Additional information
Show all
MD5 : b1422a3b27d09b0cca762c1f7bab7f20
SHA1 : 31bc4cad253387efbbc72ae7e27affa15751d98c
SHA256: d31e67d6c2c20ce89212393549940689cfb0b61f2696c8838e5d7288783a5b37

File name:
HOTKEY.sys
Submission date:
2011-02-04 10:05:35 (UTC)
Current status:
queued (#79) queued analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.50 2011.02.01 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.01 -
Avast5 5.0.677.0 2011.02.01 -
AVG 10.0.0.1190 2011.02.02 -
BitDefender 7.2 2011.02.02 -
CAT-QuickHeal 11.00 2011.02.02 -
ClamAV 0.96.4.0 2011.02.02 -
Commtouch 5.2.11.5 2011.02.02 -
Comodo 7562 2011.02.02 -
DrWeb 5.0.2.03300 2011.02.01 -
Emsisoft 5.1.0.2 2011.02.02 -
eSafe 7.0.17.0 2011.02.01 -
eTrust-Vet 36.1.8135 2011.02.01 -
F-Prot 4.6.2.117 2011.02.01 -
F-Secure 9.0.16160.0 2011.02.02 -
Fortinet 4.2.254.0 2011.02.02 -
GData 21 2011.02.02 -
Ikarus T3.1.1.97.0 2011.02.02 -
Jiangmin 13.0.900 2011.02.01 -
K7AntiVirus 9.80.3713 2011.02.01 -
Kaspersky 7.0.0.125 2011.02.02 -
McAfee 5.400.0.1158 2011.02.02 -
McAfee-GW-Edition 2010.1C 2011.02.02 -
Microsoft 1.6502 2011.02.01 -
NOD32 5838 2011.02.01 -
Norman 6.06.12 2011.02.01 -
nProtect 2011-01-27.01 2011.02.01 -
Panda 10.0.3.5 2011.02.01 -
PCTools 7.0.3.5 2011.01.31 -
Prevx 3.0 2011.02.04 -
Rising 23.43.02.02 2011.02.02 -
Sophos 4.61.0 2011.02.02 -
SUPERAntiSpyware 4.40.0.1006 2011.02.02 -
Symantec 20101.3.0.103 2011.02.02 -
TheHacker 6.7.0.1.122 2011.01.30 -
TrendMicro 9.120.0.1004 2011.02.02 -
TrendMicro-HouseCall 9.120.0.1004 2011.02.02 -
VBA32 3.12.14.3 2011.02.01 -
VIPRE 8282 2011.02.02 -
ViRobot 2011.2.2.4287 2011.02.02 -
VirusBuster 13.6.176.0 2011.02.01 -
Additional information
Show all
MD5 : 8b566ea71d5b76157a9cdb78f25a5731
SHA1 : 3f2d8df15c1c540fe56a2a8ca4ad9cab8e6cf84f
SHA256: 9ee1bf3925f0592f159a96e1224df04b037f312a903bfebd87b5188a55f301c3

File name:
lsdelete.exe
Submission date:
2011-02-04 10:09:45 (UTC)
Current status:
queued (#80) queued (#80) analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.01.27.01 2011.01.27 -
AntiVir 7.11.2.71 2011.02.04 -
Antiy-AVL 2.0.3.7 2011.01.28 -
Avast 4.8.1351.0 2011.02.03 -
Avast5 5.0.677.0 2011.02.03 -
AVG 10.0.0.1190 2011.02.04 -
BitDefender 7.2 2011.02.04 -
CAT-QuickHeal 11.00 2011.02.04 -
ClamAV 0.96.4.0 2011.02.04 -
Commtouch 5.2.11.5 2011.02.04 -
Comodo 7586 2011.02.04 -
DrWeb 5.0.2.03300 2011.02.04 -
Emsisoft 5.1.0.2 2011.02.04 -
eSafe 7.0.17.0 2011.02.03 -
eTrust-Vet 36.1.8140 2011.02.04 -
F-Prot 4.6.2.117 2011.02.01 -
F-Secure 9.0.16160.0 2011.02.04 -
Fortinet 4.2.254.0 2011.02.04 -
GData 21 2011.02.04 -
Ikarus T3.1.1.97.0 2011.02.04 -
Jiangmin 13.0.900 2011.02.04 -
K7AntiVirus 9.81.3737 2011.02.03 -
Kaspersky 7.0.0.125 2011.02.04 -
McAfee 5.400.0.1158 2011.02.04 -
McAfee-GW-Edition 2010.1C 2011.02.04 -
Microsoft 1.6502 2011.02.04 -
NOD32 5845 2011.02.04 -
Norman 6.07.03 2011.02.03 -
nProtect 2011-01-27.01 2011.02.02 -
Panda 10.0.3.5 2011.02.03 -
PCTools 7.0.3.5 2011.02.04 -
Prevx 3.0 2011.02.04 -
Rising 23.43.04.02 2011.02.04 -
Sophos 4.61.0 2011.02.04 -
SUPERAntiSpyware 4.40.0.1006 2011.02.04 -
Symantec 20101.3.0.103 2011.02.04 -
TheHacker 6.7.0.1.123 2011.02.02 -
TrendMicro 9.200.0.1012 2011.02.04 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.04 -
VBA32 3.12.14.3 2011.02.02 -
VIPRE 8302 2011.02.04 -
ViRobot 2011.2.4.4292 2011.02.04 -
VirusBuster 13.6.180.0 2011.02.03 -
Additional information
Show all
MD5 : c054dc6adfc178c3f356432293c48b2f
SHA1 : 62baa3c565b39cb1861be386158ca146b8dbd084
SHA256: 329b96a5246c13a6bb22718621842bfa8965ed565e21f24715594ab5dc9ab200

Hallo,
das mit den Links hatte nicht geklappt, habe die Ergebnisse deshalb jetzt eingefügt.
Java und Adobe-Reader sind deinstalliert und neu heruntergeladen. Adobe Flash Player aktualisiert.
Laut Windows Update - sind keine wichtigen Updates vorhanden.
Vielen Dank

Hallo

gut, dann denke ich, das war es.
Viel Spaß weiterhin im Netz

MFG