
Pests of All Kinds and How to Fight Them: Security warning from Adobe Flash Player


 
13.10.2012, 18:16   #1
Kimochi
 

Security warning from Adobe Flash Player



Good evening,
For a few days now I have been getting a security warning from Adobe Flash Player when visiting some websites (see attachment).

Searching Google unfortunately did not turn up any precise answers; sometimes it is said that it may be a tracking cookie, or a fault in the Flash Player, and that a reinstall fixes it.
Another symptom is that my Live Messenger crashes when it starts Internet Explorer.

Since I did not want to take any chances, I ran scans with my antivirus program G-Data, Malwarebytes' and SUPERAntiSpyware. All of them returned 0 hits (unfortunately the logs of the latter 2 programs have already been deleted).

For browsing I use Firefox with Sandboxie; whether a pest was removed there during deletion, I unfortunately cannot say.

Following the instructions, I have now also run scans with OTL and GMER.
(Unfortunately G-Data could not be switched off completely during the scans, only the real-time guard.)

Code:
OTL logfile created on: 12.10.2012 21:27:01 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Kuma\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,79% Memory free
5,09 Gb Paging File | 4,62 Gb Available in Paging File | 90,85% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 292,97 Gb Total Space | 34,01 Gb Free Space | 11,61% Space Free | Partition Type: NTFS
Drive D: | 172,78 Gb Total Space | 6,64 Gb Free Space | 3,84% Space Free | Partition Type: NTFS
 
Computer Name: HOMENET | User Name: Kuma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.12 21:19:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kuma\Desktop\OTL.exe
PRC - [2010.04.17 12:56:06 | 000,073,960 | ---- | M] (tzuk) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2009.09.25 16:59:18 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2008.10.29 09:03:24 | 000,955,976 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA\AntiVirus\AVKTray\AVKTray.exe
PRC - [2008.10.29 09:03:16 | 001,089,608 | ---- | M] (G DATA Software AG) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
PRC - [2008.09.08 09:46:56 | 001,185,496 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA\AntiVirus\AVK\AVKWCtl.exe
PRC - [2008.08.19 16:20:50 | 000,386,120 | ---- | M] (G DATA Software AG) -- C:\Programme\G DATA\AntiVirus\AVK\AVKService.exe
PRC - [2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.07.04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Programme\Unlocker\UnlockerCOM.dll
MOD - [2009.06.07 17:25:14 | 000,077,824 | ---- | M] () -- C:\WINDOWS\system32\xvid.ax
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2006.02.28 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.04.22 15:41:17 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.08.08 22:42:14 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010.07.17 03:22:43 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.04.17 12:56:06 | 000,073,960 | ---- | M] (tzuk) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2008.10.29 09:03:16 | 001,089,608 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2008.09.08 09:46:56 | 001,185,496 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\G DATA\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2008.08.19 16:20:50 | 000,386,120 | ---- | M] (G DATA Software AG) [Auto | Running] -- C:\Programme\G DATA\AntiVirus\AVK\AVKService.exe -- (AVKService)
SRV - [2008.07.18 15:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.07.09 10:05:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) [Auto | Stopped] -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2008.06.02 15:55:26 | 000,823,296 | ---- | M] (Hauppauge Computer Works) [On_Demand | Stopped] -- C:\Programme\WinTV\HCWTVServer.exe -- (HauppaugeTVServer)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- System32\drivers\aspi32.sys -- (Aspi32)
DRV - [2010.07.17 02:56:45 | 000,068,424 | ---- | M] (G DATA Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD)
DRV - [2010.07.17 02:54:49 | 000,048,712 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2010.07.17 02:54:46 | 000,051,016 | ---- | M] (G DATA Software AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2010.07.17 02:54:45 | 000,032,328 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010.04.17 12:56:02 | 000,115,944 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.10.21 16:28:42 | 005,934,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.10.07 13:26:18 | 000,099,440 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2009.09.25 16:57:40 | 000,138,240 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009.09.25 16:57:36 | 000,056,576 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009.07.28 10:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.07.09 10:05:22 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008.04.17 17:59:02 | 000,015,616 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw95rc.sys -- (hcw95rc)
DRV - [2008.04.17 17:58:00 | 000,560,640 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw95bda.sys -- (hcw95bda)
DRV - [2008.02.27 04:10:44 | 000,051,176 | ---- | M] (Zone Labs, LLC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)
DRV - [2007.07.19 16:10:28 | 000,127,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2007.06.29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.01.04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2004.08.03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Programme\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Programme\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

 
[2010.07.17 18:29:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Kuma\Anwendungsdaten\Mozilla\Firefox\Profiles\afla9uxo.default\extensions
[2010.07.17 13:01:51 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Dokumente und Einstellungen\Kuma\Anwendungsdaten\Mozilla\Firefox\Profiles\afla9uxo.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2011.08.08 22:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.17 03:47:12 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- C:\Programme\Mozilla Firefox\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}
[2010.11.16 23:40:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.08.08 22:42:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2011.01.03 04:30:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2008.12.18 00:34:33 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2008.12.18 00:34:33 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2008.12.18 00:34:33 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2008.12.18 00:34:33 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2008.12.18 00:34:33 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2011.08.08 22:42:14 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2006.08.24 23:07:50 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 23:07:50 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 13:42:00 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.11 00:32:03 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.09.15 10:21:11 | 000,000,853 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 121.128.133.26 gwgt1.joymax.com
O2 - BHO: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\AntiVirus\Webfilter\AVKWebIE.dll ()
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (G DATA WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\AntiVirus\Webfilter\AVKWebIE.dll ()
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G DATA\AntiVirus\AVKTray\AVKTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279325201938 (WUWebControl Class)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.17 01:41:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.12 21:26:25 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Kuma\Recent
[2012.10.12 21:19:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kuma\Desktop\OTL.exe
[2012.10.12 12:49:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kuma\Anwendungsdaten\Malwarebytes
[2012.10.07 02:18:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kuma\Eigene Dateien\Downloads
[2012.09.21 00:58:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Kuma\Anwendungsdaten\Vessel
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 21:26:08 | 000,516,590 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.10.12 21:26:08 | 000,493,190 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.10.12 21:26:08 | 000,100,688 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.10.12 21:26:08 | 000,083,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.10.12 21:25:58 | 334,004,256 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2012.10.12 21:23:49 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Kuma\Desktop\8krum8i2.exe
[2012.10.12 21:20:31 | 000,084,992 | ---- | M] () -- C:\Dokumente und Einstellungen\Kuma\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.12 21:19:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Kuma\Desktop\OTL.exe
[2012.10.12 20:57:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.12 20:48:07 | 000,010,260 | ---- | M] () -- C:\WINDOWS\HCWPNP.INI
[2012.10.12 19:37:56 | 000,413,046 | ---- | M] () -- C:\Dokumente und Einstellungen\Kuma\Desktop\Neu Bitmap.bmp
[2012.10.12 19:18:41 | 000,358,382 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2012.10.12 19:18:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.12 15:57:36 | 003,917,696 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2012.10.12 14:00:44 | 000,010,290 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.10.08 19:29:42 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 21:23:56 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Kuma\Desktop\8krum8i2.exe
[2012.10.12 19:37:14 | 000,413,046 | ---- | C] () -- C:\Dokumente und Einstellungen\Kuma\Desktop\Neu Bitmap.bmp
[2011.12.25 00:05:25 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.08.27 17:28:56 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.08.27 17:27:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.08.27 17:23:14 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.08.27 17:23:14 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.08.27 17:23:14 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.06.25 23:02:33 | 000,000,032 | R--- | C] () -- C:\WINDOWS\hash.dat
[2011.06.25 19:28:43 | 000,003,005 | ---- | C] () -- C:\Dokumente und Einstellungen\Kuma\.recently-used.xbel
[2011.06.19 00:59:31 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2011.05.11 14:41:39 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.04.19 07:08:37 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011.04.19 07:08:37 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011.04.19 07:08:37 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011.04.19 07:08:37 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011.04.19 07:08:37 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011.04.19 07:08:37 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011.04.19 07:08:37 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011.04.19 07:08:37 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011.04.19 07:08:37 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011.04.19 07:08:37 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011.04.19 07:08:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011.04.19 07:08:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011.04.19 07:08:37 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011.04.19 07:08:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011.04.19 07:08:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011.04.19 07:08:37 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011.04.19 07:08:37 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011.04.19 07:08:37 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011.04.19 07:08:37 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011.04.19 07:04:29 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2011.02.13 14:46:09 | 000,196,424 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.02.06 20:48:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.02.02 15:03:54 | 000,000,015 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2010.12.05 06:19:35 | 334,004,256 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010.12.05 06:16:25 | 000,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc0407.dll
[2010.12.05 06:16:25 | 000,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc0407.dll
[2010.12.05 06:16:13 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll
[2010.11.24 00:33:26 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.11.02 23:41:19 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.02 23:41:19 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.07.18 12:11:06 | 000,084,992 | ---- | C] () -- C:\Dokumente und Einstellungen\Kuma\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.17 02:44:40 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010.07.17 02:44:40 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010.07.17 02:44:40 | 000,000,853 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
 
========== ZeroAccess Check ==========
 
[2010.08.25 00:27:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.04.16 17:35:16 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:18:19 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2006.02.28 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 207 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:44807EFA
@Alternate Data Stream - 180 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:408F95E5

< End of report >
         
Code:
OTL Extras logfile created on: 12.10.2012 21:27:01 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Kuma\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,79% Memory free
5,09 Gb Paging File | 4,62 Gb Available in Paging File | 90,85% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 292,97 Gb Total Space | 34,01 Gb Free Space | 11,61% Space Free | Partition Type: NTFS
Drive D: | 172,78 Gb Total Space | 6,64 Gb Free Space | 3,84% Space Free | Partition Type: NTFS
 
Computer Name: HOMENET | User Name: Kuma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DDDE141-9696-4E33-AB82-EF398169D7E5}" = Ulead PhotoImpact XL
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EA84402-CD4F-4F19-AFED-C5C228259873}" = G DATA AntiVirus
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.0.2827
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{534802E0-761E-47F4-BD27-061BC8F976AE}" = O&O SafeErase
"{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Fraps" = Fraps (remove only)
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"ImgBurn" = ImgBurn
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"mIRC" = mIRC
"Mozilla Firefox (10.0)" = Mozilla Firefox (10.0)
"OpenAL" = OpenAL
"RealAlt_is1" = Real Alternative 2.0.2
"Sandboxie" = Sandboxie 3.70
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 108500" = Vessel
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 206500" = AirMech
"Steam App 211600" = Thief Gold
"Steam App 22000" = World of Goo
"Steam App 35720" = Trine 2
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 40800" = Super Meat Boy
"Steam App 41500" = Torchlight
"Steam App 440" = Team Fortress 2
"Steam App 4540" = Titan Quest
"Steam App 48000" = LIMBO
"Steam App 49600" = Beat Hazard
"Steam App 63000" = HOARD
"Steam App 65300" = Dustforce
"Steam App 65800" = Dungeon Defenders
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 94200" = Jamestown
"Unlocker" = Unlocker 1.9.0
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VideoMach" = VideoMach
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZoneAlarm" = ZoneAlarm
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Inkscape" = Inkscape 0.48.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.05.2011 18:18:45 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wintv.exe, Version 6.0.26080.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x003f3125.
 
Error - 11.05.2011 07:23:21 | Computer Name = HOMENET | Source = NVIDIA OpenGL Driver | ID = 1
Description = Too many errors occured, which indicates a serious problem from which
 we cannot recover. The application must close.  Please visit hxxp://www.nvidia.com/page/support.html
 for help.
 
Error - 20.05.2011 16:37:50 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung darksiderspc.exe, Version 1.0.0.1, fehlgeschlagenes
 Modul d3d9.dll, Version 5.3.2600.2180, Fehleradresse 0x0002b1fc.
 
Error - 24.05.2011 09:17:02 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mpc-hc.exe, Version 1.5.0.2827, fehlgeschlagenes
 Modul d3dim700.dll, Version 5.3.2600.2180, Fehleradresse 0x00012f6b.
 
Error - 25.05.2011 17:58:15 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung supermeatboy.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x00018af2.
 
Error - 06.06.2011 20:06:06 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wintv.exe, Version 6.0.26080.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x003f3125.
 
Error - 08.06.2011 09:07:05 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung supermeatboy.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x00018af2.
 
Error - 06.07.2011 10:03:44 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mpc-hc.exe, Version 1.5.0.2827, fehlgeschlagenes
 Modul flash10h.ocx, Version 10.1.53.64, Fehleradresse 0x0014e391.
 
Error - 09.07.2011 14:27:16 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung supermeatboy.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x00018af2.
 
Error - 10.07.2011 07:14:43 | Computer Name = HOMENET | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung supermeatboy.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x00018af2.
 
[ System Events ]
Error - 10.10.2012 13:43:06 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460
 
Error - 11.10.2012 13:18:55 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 11.10.2012 13:22:46 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460
 
Error - 12.10.2012 06:20:18 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12.10.2012 06:24:09 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460
 
Error - 12.10.2012 09:25:51 | Computer Name = HOMENET | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SASKUTIL\0000" wurde ohne vorbereitende Maßnahmen
 vom System entfernt.
 
Error - 12.10.2012 13:19:47 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12.10.2012 13:23:38 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460
 
Error - 12.10.2012 15:22:49 | Computer Name = HOMENET | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "helpsvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}
 
Error - 12.10.2012 15:26:07 | Computer Name = HOMENET | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
 
< End of report >
         
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-12 23:55:42
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-10 WDC_WD5001AALS-00L3B2 rev.01.03B01
Running: 8krum8i2.exe; Driver: C:\DOKUME~1\Kuma\LOKALE~1\Temp\pwdyrpog.sys


---- System - GMER 1.0.15 ----

SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwClose [0xB84A13B0]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwConnectPort [0xB0248040]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwCreateFile [0xB0244930]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwCreateKey [0xB84A2090]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwCreatePort [0xB0248510]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwCreateWaitablePort [0xB0248600]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwDeleteFile [0xB0244F20]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwDeleteKey [0xB84A21B2]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwDeleteValueKey [0xB84A21D4]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwLoadKey [0xB02508B0]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwOpenFile [0xB0244D70]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwOpenKey [0xB84A2118]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwOpenProcess [0xB84A12D6]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwRenameKey [0xB0251250]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwReplaceKey [0xB0250CB0]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwRequestWaitReplyPort [0xB0247C00]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwRestoreKey [0xB0251080]
SSDT    \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)            ZwSetInformationFile [0xB0245120]
SSDT    \??\C:\WINDOWS\system32\drivers\HookCentre.sys (Security Hook/G DATA Software AG)      ZwSetValueKey [0xB84A2184]

Code    895DBCEC                                                                               ZwRequestPort
Code    895DBC4C                                                                               ZwTraceEvent
Code    895DBCEB                                                                               NtRequestPort
Code    895DBC4B                                                                               NtTraceEvent

---- Kernel code sections - GMER 1.0.15 ----

.text   ntkrnlpa.exe!NtTraceEvent                                                              80534374 5 Bytes  JMP 895DBC50 
PAGE    ntkrnlpa.exe!NtRequestPort                                                             805A1520 5 Bytes  JMP 895DBCF0 
?       srescan.sys                                                                            Das System kann die angegebene Datei nicht finden. !
.text   C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                               section is writeable [0xB2D0F380, 0x8D6CD5, 0xE8000020]
.text   win32k.sys!EngPaint + 4F1                                                              BF8255EF 5 Bytes  JMP 895DB610 
.text   win32k.sys!CLIPOBJ_bEnum + 2982                                                        BF831388 5 Bytes  JMP 895DB750 
.text   win32k.sys!EngUnmapFontFileFD + EE41                                                   BF841183 5 Bytes  JMP 895DB6B0 
.text   win32k.sys!FONTOBJ_pxoGetXform + DE42                                                  BF85AD4E 5 Bytes  JMP 895DBA70 
.text   win32k.sys!EngStretchBltROP + 34B9                                                     BF8BA262 5 Bytes  JMP 895DB930 
.text   win32k.sys!PATHOBJ_bCloseFigure + 19F1                                                 BF8F9A45 5 Bytes  JMP 895DB9D0 
.text   win32k.sys!EngCreateClip + 19C1                                                        BF913245 5 Bytes  JMP 895DBB10 
.text   win32k.sys!EngCreateClip + 1F51                                                        BF9137D5 5 Bytes  JMP 895DBBB0 
.text   win32k.sys!EngCreateClip + 2597                                                        BF913E1B 5 Bytes  JMP 895DB890 

---- Devices - GMER 1.0.15 ----

Device  \Driver\Tcpip \Device\Ip                                                               vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device  \Driver\Tcpip \Device\Ip                                                               GDTdiIcpt.sys (G DATA Software AG)
Device  \Driver\Tcpip \Device\Tcp                                                              vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device  \Driver\Tcpip \Device\Tcp                                                              GDTdiIcpt.sys (G DATA Software AG)
Device  \Driver\Tcpip \Device\Udp                                                              vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device  \Driver\Tcpip \Device\Udp                                                              GDTdiIcpt.sys (G DATA Software AG)
Device  \Driver\Tcpip \Device\RawIp                                                            vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device  \Driver\Tcpip \Device\RawIp                                                            GDTdiIcpt.sys (G DATA Software AG)
Device  \Driver\Tcpip \Device\IPMULTICAST                                                      vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device  \Driver\Tcpip \Device\IPMULTICAST                                                      GDTdiIcpt.sys (G DATA Software AG)

---- Registry - GMER 1.0.15 ----

Reg     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System                                  
Reg     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System

---- EOF - GMER 1.0.15 ----
         
Attached image: meldung.JPG (78.9 KB)

 
