Log analysis and evaluation: tr/symmi.24101.1 and adware/installbrain.f found

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
09.12.2013, 23:28   #1
TrommelMatze
 
tr/symmi.24101.1 and adware/installbrain.f found



Hello everyone,

I found these stupid things during today's scan:

tr/symmi.24101.1 and adware/installbrain.f

Can anyone help?

Logs from OTL:

OTL Extras logfile created on: 09.12.2013 23:10:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\IUMUL\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407
1,75 Gb Total Physical Memory
3,50 Gb Paging File
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C:
Drive C:
Drive D:
Drive E:
Drive F:
Drive G:
Drive H:
Unable to calculate disk information.
Drive L:
Computer Name: IUMUL-PC
Boot Mode: Normal
Company Name Whitelist: Off
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F58619-95F9-44D5-956C-1F2D9DB5DE4A}" = rport=139
"{0565D42B-873E-4F6A-834B-37C1A1F5A6D1}" = lport=138
"{09D121A1-B270-4BF2-A4B3-408B32B05462}" = lport=10243
"{10887B30-B91A-4EF2-9991-AB52C3FE6A81}" = rport=137
"{1C2A7074-5C40-4E28-B89B-C9119627377A}" = rport=2177
"{229A46A6-E4C3-41D1-8B29-654712EB977F}" = rport=1900
"{28F9CD2D-0138-4305-AED6-4A56DCEB1B45}" = rport=138
"{43DFF07F-943F-41B2-806C-F393054E66DA}" = lport=rpc-epmap
"{58ECBBE1-9323-4968-BCAE-6DA071D4AA65}" = rport=2177
"{615558D4-D72D-4EC9-8E84-533780413ADE}" = lport=445
"{6938AAD8-7729-4A58-B675-157EE10E913A}" = lport=139
"{74D6154C-EDFD-4574-A366-7A36AB44A696}" = lport=2177
"{76175CB4-190E-4B47-ABFF-7847CDA50D8C}" = rport=5355
"{7BB8C249-CB0C-49C6-AC2F-7FEA24086CBB}" = rport=10243
"{8EB7FE8F-A75C-41C3-8295-5E414B6EC3C3}" = lport=137
"{9C7072B6-DF33-450D-BB6C-1D2A04A3F55D}" = rport=445
"{9EF1CAB5-F220-4254-BB70-56CD13086A37}" = lport=2177
"{B88A52AD-C5C3-477D-817A-B5FB2260443A}" = lport=rpc
"{BBFCBC25-048D-4713-9237-B21E148A6EE3}" = lport=1900
"{CEB2DDA4-FC10-4B47-ABDC-4036BA003E89}" = lport=5355
"{D3635474-02F9-402F-82C4-6F42FA405B68}" = lport=2869
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24E6B5C3-C782-4B05-A042-79AB01614EF6}" = protocol=6
"{2617FBFE-CEFA-4345-9CAC-CEAC92C856B0}" = protocol=6
"{30D95D8C-C530-4FD3-82CC-992F46BCD332}" = protocol=17
"{3C4D3FB1-3D5B-4880-90F1-1941245E4AE1}" = protocol=17
"{3CA6F6CE-7D8D-48C3-961B-B44A0EEB7728}" = protocol=6
"{538E8D60-3418-494E-A447-3C0B3BFAC2C1}" = protocol=6
"{61E471FF-0132-465F-98FF-492C58354DD5}" = protocol=6
"{70B5B073-F71A-45A1-8B8C-998A8AA0C176}" = protocol=6
"{75B84281-6881-46BB-A93D-A4928CD0A515}" = protocol=17
"{7B00FF6F-0888-42B0-9233-2349389A78FA}" = dir=in
"{8048C788-D540-4E5F-8DC6-4D14EE8AFD59}" = protocol=17
"{9463DDF2-B60D-4FC3-B5D1-40118559B3D0}" = protocol=17
"{9A43CB56-5268-47D4-8E79-8DCBD46CC8AE}" = protocol=17
"{A3A7DE80-003A-4C70-84FD-02BBC2FB8251}" = protocol=17
"{CB74EDDA-B762-46AD-ACBD-3032E0D2E0DF}" = protocol=6
"{D32C0FC2-7329-4743-BEA1-57EA3A1C226F}" = protocol=58
"{D41533DB-68DF-4E39-AD42-BC554F523DC0}" = protocol=6
"{E14155DD-B7D5-4AB6-9C8A-E6D18E503DAD}" = protocol=58
"{E361F4CB-33D0-4058-83D8-02F49DD32E30}" = dir=in
"{EA08EFD8-CFDF-4EF3-B5FF-F70D3F582FFF}" = protocol=17
"{EAD43958-A199-4F16-949E-A6074CBBD763}" = protocol=1
"{F3B1EBD5-631C-473C-B489-812C7A1703B0}" = protocol=17
"{F797391E-E08D-4DBF-B4CC-9D5F87F6B9C1}" = protocol=1
"{FB1239B5-E9F0-4444-9E82-0B9E974F7847}" = dir=in
"TCP Query User{C7AEF288-081A-4516-9E9E-D01EFF299F22}E:\program files (x86)\winamp\winamp.exe" = protocol=6
"TCP Query User{F93A515C-5143-4DD1-9691-7D379B029256}C:\program files (x86)\winamp\winamp.exe" = protocol=6
"TCP Query User{FDAC8ECC-33BE-4C4B-9F2D-6129DAC42823}C:\program files (x86)\winamp\winamp.exe" = protocol=6
"UDP Query User{1FD51D88-88E7-4F2A-A1C4-0630AA6E9BD4}C:\program files (x86)\winamp\winamp.exe" = protocol=17
"UDP Query User{87D6838F-D257-4558-B163-E85C5916A97A}C:\program files (x86)\winamp\winamp.exe" = protocol=17
"UDP Query User{A003FFEF-AD1A-4B29-B582-072FA66128ED}E:\program files (x86)\winamp\winamp.exe" = protocol=17
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{40BD15A3-E031-5CF1-6994-550A4C059127}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8839BB38-ED2A-983E-9B6F-3D3A0561C812}" = ccc-utility64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"McAfee Security Scan" = McAfee Security Scan Plus
"VLC media player" = VLC media player 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0473431D-BD96-CF15-20E4-E0D7DC10AD26}" = CCC Help Chinese Standard
"{130FDD98-1B63-81EA-B3D7-1B433D7B618E}" = CCC Help Czech
"{2213939A-BE42-6E81-2535-B9D4472913F8}" = CCC Help Portuguese
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2F67065F-4996-16ED-0512-8BBBEDB81A5B}" = CCC Help German
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{383994F0-C2A2-60D8-1CC3-66FC2D59A05D}" = CCC Help Finnish
"{3A528452-356F-C893-C35F-E3D80A226E45}" = CCC Help English
"{429FF822-DC94-1235-4520-FFDC91596ED1}" = CCC Help Swedish
"{48C4479E-F3EE-FD46-5200-AF260F7E87A2}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{511A29A9-11EF-21C1-B0A7-F933824D8447}" = CCC Help Turkish
"{55C4E412-C5D9-DD5C-83CD-53B2762E65C4}" = CCC Help Chinese Traditional
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5EC30B43-6501-F465-1505-A2DB41B4113F}" = CCC Help Spanish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62B6C3FD-E57A-83A0-C2FF-B3E624B17492}" = CCC Help Hungarian
"{63B152B4-4814-E1CA-B781-9B2CD23028BD}" = Catalyst Control Center Graphics Previews Vista
"{65A36920-ADC5-EDE8-9F79-DFC691C9A82E}" = Catalyst Control Center Core Implementation
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76E4856F-F288-3165-30CF-FEEF03D29B52}" = CCC Help Polish
"{77ED0A78-8C9D-548F-1F0E-75ABC5CF5444}" = CCC Help Danish
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{848929E1-76A3-FC37-18C6-62AACF4F3CF7}" = Catalyst Control Center Graphics Full Existing
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8BEBFC25-802A-7443-87AE-BDFC41527594}" = ccc-core-static
"{9BBF60B1-265F-13E8-70E1-8CC88CCD3115}" = Catalyst Control Center Localization All
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6EB542-9032-1F26-193E-A21226FBEF32}" = CCC Help Korean
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Deutsch
"{B5DE4A84-7193-A9FE-2C3A-A773E886A53F}" = CCC Help Norwegian
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C13B977D-9658-53BF-3B79-A8BCE058090E}" = Catalyst Control Center InstallProxy
"{CECC39B9-3E8E-823C-FF2F-93868FEAA6DA}" = CCC Help Japanese
"{D26FC127-8398-4D3C-C9BE-562E4DC81F98}" = CCC Help Thai
"{E09127D3-CF83-BE1F-8F59-8CF0A9E48EC0}" = CCC Help Dutch
"{E215568A-DAD0-6482-5531-6FDBD5FD3112}" = CCC Help French
"{E4A68721-042C-EFED-01C5-DF83E63B8AC5}" = CCC Help Greek
"{E613E401-A4F2-2C1F-ABF2-A3E5EFDEDA9D}" = Catalyst Control Center Graphics Light
"{E903279F-5A37-6D67-100B-40A7CC2B6763}" = CCC Help Russian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F86947BA-0A68-8DE2-BDEF-E8822981A5FF}" = CCC Help Italian
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Audacity_is1" = Audacity 2.0.2
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"LastFM_is1" = Last.fm Scrobbler 2.1.36
"Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"Winamp" = Winamp
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.12.2013 10:41:33
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 08.12.2013 16:28:33
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 08.12.2013 16:28:33
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 08.12.2013 16:28:33
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 09.12.2013 14:58:52
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 09.12.2013 14:58:52
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 09.12.2013 14:58:52
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error - 09.12.2013 17:33:52
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 09.12.2013 17:33:52
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 09.12.2013 17:33:52
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
[ System Events ]
Error - 25.04.2013 07:36:28
Description = Display is not active
Error - 26.04.2013 02:14:33
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 02:14:33
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 02:14:33
Description = Display is not active
Error - 26.04.2013 08:49:22
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 08:49:22
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 08:49:22
Description = Display is not active
Error - 26.04.2013 16:23:43
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 16:23:43
Description = CPLIB :: General - Invalid Parameter
Error - 26.04.2013 16:23:43
Description = Display is not active
< End of report >

OTL logfile created on: 09.12.2013 23:10:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\IUMUL\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407
1,75 Gb Total Physical Memory
3,50 Gb Paging File
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C:
Drive C:
Drive D:
Drive E:
Drive F:
Drive G:
Drive H:
Unable to calculate disk information.
Drive L:
Computer Name: IUMUL-PC
Boot Mode: Normal
Company Name Whitelist: Off
========== Processes (SafeList) ==========
PRC - C:\Users\IUMUL\Downloads\otl(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dd8f4efb7e81c75fe444a180f6f1aacf\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe ()
MOD - C:\Program Files (x86)\ASUS\AI Suite\Q-Button\vvc.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite\Q-Button\pngio.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite\Q-Button\AiNap.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.8.130\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114506&tt=0113_3&babsrc=HP_clro&mntrId=86e1d58d00000000000090e6babc4918
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EC C7 B5 F6 41 AA CD 01 [binary data]
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=0113_3&babsrc=SP_clro&mntrId=86e1d58d00000000000090e6babc4918
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\SearchScopes\{0F2BFD09-B682-4E45-96CA-F78867A904FE}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d3a519b8-b9d8-4808-959e-040a008187dc&apn_sauid=08A13E5D-E1D4-4699-B21D-657A6366674D
IE - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: toolbar%40ask.com:3.15.5.28481
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.17 18:36:53
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.17 18:36:54
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.17 18:36:53
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.17 18:36:54
O1 HOSTS File: ([2009.06.10 22:00:26
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ai Nap] C:\Program Files (x86)\ASUS\AI Suite\Q-Button\QButton.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3098933081-2178596554-1815352360-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\IUMUL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D89E011A-3340-496A-A200-A79F04EE04E1}: DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.05.03 21:43:12
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
========== Files - Modified Within 30 Days ==========
========== Files Created - No Company Name ==========


Is that okay for now?

 
