Pests of all kinds and how to fight them: GVU Trojan 2.07 pest on my computer

 
12.07.2012, 19:08   #1
LIEBBE
 

Hello and good evening.

I need your help:

Since yesterday I have had the GVU Trojan 2.07 on my computer.
I reset the computer to an earlier date and downloaded the Avira DE-Cleaner. It found two unwanted programs and supposedly removed them.
Today it is back....
I have read quite a bit here, but I am not as deep into the subject as most people here in the forum. I have also read that when the Trojan is removed, there is still a shell file in the registry that also has to be deleted...
So I would need (if possible) step-by-step instructions.
I downloaded OTL, and here are the 2 log files:

OTL logfile created on: 12.07.2012 19:36:46 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\KERRIN\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,50% Memory free
6,22 Gb Paging File | 4,53 Gb Available in Paging File | 72,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 439,79 Gb Free Space | 76,33% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,55 Gb Free Space | 62,77% Space Free | Partition Type: FAT32
Drive I: | 981,23 Mb Total Space | 980,39 Mb Free Space | 99,91% Space Free | Partition Type: FAT

Computer Name: KERRIN-PC | User Name: KERRIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\KERRIN\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\KERRIN\AppData\Local\Temp\decleaner\decleaner\setup\deCleaner.exe (Avira GmbH)
PRC - C:\Users\KERRIN\AppData\Local\Temp\decleaner\decleaner\setup\avscan.exe (Avira GmbH)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\KERRIN\AppData\Local\Temp\decleaner\avwebloader.exe (Avira GmbH)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\KERRIN\AppData\Local\Temp\decleaner\scewxmlw.dll ()
MOD - C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (DfSdkS) -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe (mst software GmbH, Germany)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NAL) -- C:\Windows\System32\drivers\iqvw32.sys (Intel Corporation )
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1351351
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 14:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.07 22:56:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 14:55:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.07 22:56:05 | 000,000,000 | ---D | M]

[2010.07.14 13:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KERRIN\AppData\Roaming\mozilla\Extensions
[2012.05.03 07:38:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KERRIN\AppData\Roaming\mozilla\Firefox\Profiles\n2qug8bx.default\extensions
[2010.07.23 09:51:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\KERRIN\AppData\Roaming\mozilla\Firefox\Profiles\n2qug8bx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.18 22:31:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.17 14:55:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.03 18:54:18 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.13 00:29:03 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.13 00:29:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.13 00:29:03 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.13 00:29:03 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.13 00:29:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.13 00:29:03 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Rudaado] C:\Users\KERRIN\AppData\Roaming\Cigaz\obtal.exe File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D638CEF0-7260-477B-B054-08B218F06D34}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\KERRIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\KERRIN\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1b89d6df-d0e1-11e0-9191-001c4af2ae22}\Shell - "" = AutoRun
O33 - MountPoints2\{1b89d6df-d0e1-11e0-9191-001c4af2ae22}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{e21383dd-8f30-11df-b07e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e21383dd-8f30-11df-b07e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe
O33 - MountPoints2\{ebc7f8eb-f927-11df-ab58-0021856a881d}\Shell - "" = AutoRun
O33 - MountPoints2\{ebc7f8eb-f927-11df-ab58-0021856a881d}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.07.12 19:32:30 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\KERRIN\Desktop\OTL.exe
[2012.07.12 19:15:32 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\AppData\Roaming\Malwarebytes
[2012.07.12 19:15:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.12 19:15:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.12 19:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.12 19:14:10 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\KERRIN\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.12 19:13:38 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\KERRIN\Desktop\mbam-setup-1.61.0.1400.exe.part
[2012.07.08 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\Desktop\hochzeitssprüche
[2012.07.04 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\AppData\Roaming\Uhwi
[2012.07.04 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\AppData\Roaming\Deoh
[2012.07.04 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\AppData\Roaming\Cigaz
[2012.07.04 14:13:05 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\Desktop\Elterngeld Anträge
[2012.06.22 15:07:31 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.22 15:07:31 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.22 15:07:11 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.22 15:07:11 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.22 15:07:11 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.22 15:07:06 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.22 15:07:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.21 08:53:03 | 000,000,000 | ---D | C] -- C:\Users\KERRIN\schreinerei
[2012.06.14 16:08:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.06.14 16:08:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.06.14 16:08:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.06.14 16:08:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.06.14 16:08:13 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.06.14 16:08:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.06.14 16:08:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.06.13 12:56:04 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.01.06 13:12:53 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2C40.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.12 19:32:35 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\KERRIN\Desktop\OTL.exe
[2012.07.12 19:22:35 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.12 19:22:33 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 19:22:33 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.12 19:16:54 | 000,000,924 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.12 19:14:29 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\KERRIN\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.12 19:13:46 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\KERRIN\Desktop\mbam-setup-1.61.0.1400.exe.part
[2012.07.12 19:06:17 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.12 19:06:17 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.12 19:06:17 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.12 19:06:17 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.12 19:03:29 | 000,001,856 | ---- | M] () -- C:\Users\KERRIN\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.07.12 19:03:29 | 000,001,785 | ---- | M] () -- C:\Users\KERRIN\Desktop\Avira DE-Cleaner.lnk
[2012.07.12 18:59:06 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:59:06 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 18:59:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.12 18:58:55 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.12 12:36:04 | 004,503,728 | ---- | M] () -- C:\ProgramData\go_0molg.pad
[2012.07.08 10:24:13 | 000,002,623 | ---- | M] () -- C:\Users\KERRIN\Desktop\Microsoft Word.lnk
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.02 08:53:20 | 001,561,209 | ---- | M] () -- C:\Users\KERRIN\Desktop\HH092.pdf
[2012.07.01 21:44:15 | 000,398,546 | R--- | M] () -- C:\Users\KERRIN\Desktop\wasserfilter.PDF
[2012.06.14 16:45:49 | 000,265,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.12 19:15:15 | 000,000,924 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.12 19:03:29 | 000,001,856 | ---- | C] () -- C:\Users\KERRIN\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.07.12 19:03:29 | 000,001,785 | ---- | C] () -- C:\Users\KERRIN\Desktop\Avira DE-Cleaner.lnk
[2012.07.12 18:58:55 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.11 16:51:39 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.07.02 08:53:19 | 001,561,209 | ---- | C] () -- C:\Users\KERRIN\Desktop\HH092.pdf
[2012.07.01 21:44:18 | 000,398,546 | R--- | C] () -- C:\Users\KERRIN\Desktop\wasserfilter.PDF
[2012.01.08 12:52:29 | 006,904,040 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2012.01.08 12:52:29 | 000,017,851 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2010.11.04 21:43:38 | 000,000,325 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.11.04 21:43:38 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.11.04 21:42:41 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat
[2010.11.04 21:42:32 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2010.11.04 21:42:32 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010.11.04 21:42:30 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2010.11.04 21:40:08 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.11.04 21:27:07 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.04 21:27:07 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.11.04 21:26:41 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2010.11.04 21:23:23 | 000,000,074 | ---- | C] () -- C:\Windows\Brownie.ini
[2010.07.18 13:13:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.07.18 13:13:24 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.07.14 17:14:49 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.07.14 13:49:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.07.14 13:07:09 | 000,031,232 | ---- | C] () -- C:\Users\KERRIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.14 12:41:38 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2010.07.14 12:31:22 | 000,000,680 | ---- | C] () -- C:\Users\KERRIN\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012.07.11 18:31:36 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Cigaz
[2012.03.25 09:58:53 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\dBpoweramp
[2012.07.06 21:19:05 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Deoh
[2010.07.14 17:05:15 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Foxit
[2011.10.14 20:21:51 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Foxit Software
[2012.03.12 11:41:16 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Garmin
[2012.04.30 22:07:53 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Guitar Pro 6
[2010.11.09 22:36:11 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\PC-FAX TX
[2010.11.09 20:36:05 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\postgresql
[2011.01.29 19:28:41 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\ScanSoft
[2012.07.12 18:58:01 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Scribus
[2012.07.04 20:18:15 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Uhwi
[2012.07.04 18:20:07 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Yfuw
[2011.01.29 19:28:47 | 000,000,000 | ---D | M] -- C:\Users\KERRIN\AppData\Roaming\Zeon
[2012.07.07 13:58:36 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 12.07.2012 19:36:46 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\KERRIN\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 48,50% Memory free
6,22 Gb Paging File | 4,53 Gb Available in Paging File | 72,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 439,79 Gb Free Space | 76,33% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,55 Gb Free Space | 62,77% Space Free | Partition Type: FAT32
Drive I: | 981,23 Mb Total Space | 980,39 Mb Free Space | 99,91% Space Free | Partition Type: FAT

Computer Name: KERRIN-PC | User Name: KERRIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AC16A62E-4260-4D5F-BF04-860E59A19AEB}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{40419335-AD36-4C57-8375-438979F7702A}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08e\faxrx.exe |
"{760AEDBC-1A9C-42D0-AF88-C446A051AEF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9346AD0A-4C5E-48B3-A94B-4F4B595C6502}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08e\faxrx.exe |
"TCP Query User{14FAFB75-8ECE-4774-B435-589B5E568CA1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{40D66BB7-5E97-4E0C-86BC-39812D838913}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{55DF65AA-A98B-4A93-B547-DED032F263AD}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{A718351B-CE07-4A00-8933-08AABA7C2E06}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A73A52C-5079-4D53-ACA0-875747DEF96F}" = Brother MFC-5890CN
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2ADAEA4C-5366-46BB-AF95-9257AE331031}" = Nero 7 Essentials
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 5.007.01
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4422D20B-F530-4E65-8504-31396C9BC066}" = Google SketchUp 8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E315D6D-0F1C-4C27-920B-807B4F57C8B2}" = Brother MFL-Pro Suite MFC-5890CN
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup.divx.com" = DivX-Setup
"Foxit Reader_is1" = Foxit Reader 5.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"PROSetDX" = Intel(R) Network Connections 13.0.42.0
"Scribus 1.3.8" = Scribus 1.3.8
"WinRAR archiver" = WinRAR

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.12.2011 03:58:18 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 12.12.2011 14:55:31 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 13.12.2011 02:41:52 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 13.12.2011 12:12:33 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.12.2011 02:43:16 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.12.2011 08:25:12 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.12.2011 12:29:14 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 15.12.2011 02:42:21 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 15.12.2011 12:10:24 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.12.2011 02:42:09 | Computer Name = KERRIN-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 12:47:00 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 12.07.2012 13:00:37 | Computer Name = KERRIN-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12.07.2012 13:02:25 | Computer Name = KERRIN-PC | Source = WinDefend | ID = 2004
Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt.
Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte
Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine
Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen.
Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen
Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie
unter "Hilfe und Support". Ladende Signaturen: %%825 Ladene Signaturversion: 1.129.1102.0

Ladende
Modulversion: 1.1.8502.0

Error - 12.07.2012 13:08:05 | Computer Name = KERRIN-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >


I am grateful for any tip and hope for your help!

 
