Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
TR/Spy.Browse.A

TR/Spy.Browse.A


Plagegeister aller Art und deren Bekämpfung: TR/Spy.Browse.A

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 22.07.2010, 15:21   #1
SichlMichl
 
TR/Spy.Browse.A - Unglücklich

TR/Spy.Browse.A


Hallo Helfer!

Ich habe auf meinem Laptop den Trojaner TR/Spy.Browse.A.

Ich habe schon ein bisschen rumgelesen und festgestellt, dass der auch schon andere Systeme angegriffen hat.

Aus diesem Thread(s) habe ich auch gelesen, welche Schritte zu einer Vorabanalyse durchgeführt werden sollen.

Hier sind die 3 Logfiles:

Malwarebytes'
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4332

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.07.2010 21:57:49
mbam-log-2010-07-20 (21-57-49).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 125757
Laufzeit: 11 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9301f87-82ed-47f5-82ab-498ef4dcb0f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9301f87-82ed-47f5-82ab-498ef4dcb0f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Standard\Desktop\.url (Malware.Trace) -> Quarantined and deleted successfully.

GMER
Code:
ATTFilter
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-07-20 22:09:03
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOKUME~1\Standard\LOKALE~1\Temp\afaoapoc.sys


---- Kernel code sections - GMER 1.0.15 ----

?               bfuqimhh.sys                                                                                                                          Das System kann die angegebene Datei nicht finden. !
init            C:\WINDOWS\system32\drivers\ALCXSENS.SYS                                                                                              entry point in "init" section [0xBA5D1900]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                    [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                             [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                        [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                 [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                       [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                 [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                        [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                              [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                              [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                              [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW]                                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]                                   [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                          [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                 [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]            [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                  [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                      [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                      [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                      [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]               [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                     [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]               [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]        [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]  [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]          [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                 [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                            [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                  [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                            [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]                         [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!CreateProcessW]                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\shell32.dll [ADVAPI32.dll!CreateProcessAsUserW]                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]            [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]     [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]             [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]     [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                              fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
OTL Extras
Code:
ATTFilter
OTL Extras logfile created on: 20.07.2010 22:16:41 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\Standard\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
495,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 28,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 26,87 Gb Total Space | 2,48 Gb Free Space | 9,24% Space Free | Partition Type: FAT32
Drive D: | 9,01 Gb Total Space | 9,01 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ACER-9EC38315D8
Current User Name: Standard
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}" = Janosch Vorschule
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{21E90952-11F1-4473-9D6C-2EE09BCB10C3}" = OpenOffice.org 2.0
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Arcade 3.0
"{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Internet Library
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = RAW Image Task 1.2
"{4C96958A-6562-4143-B820-FF4890D3B734}" = Camera Window DVC
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142070}" = Java 2 Runtime Environment, SE v1.4.2_07
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = MovieEdit Task
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Camera Window DS
"{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Camera Support Core Library
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B991B020-2968-11D8-AF23-444553540000}_is1" = FreeMind
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Camera Window MC
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = 
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ERUNT_is1" = ERUNT 1.1j
"Home Photo Service Light" = Home Photo Service Light
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Canon Internet Library for ZoomBrowser EX
"InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{4C96958A-6562-4143-B820-FF4890D3B734}" = Canon Camera Window DVC for ZoomBrowser EX
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"InstallShield_{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Canon Camera Support Core Library
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold 
"InstallShield_{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Canon Camera Window for ZoomBrowser EX
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = Ahead NeroMIX
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows CE Services" = Microsoft ActiveSync 3.8
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.03.2010 16:00:05 | Computer Name = ACER-9EC38315D8 | Source = Avira AntiVir | ID = 4118
Description = 
 
Error - 11.04.2010 15:29:48 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 11.04.2010 15:30:11 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 12.04.2010 06:36:10 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 12.04.2010 06:41:13 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 06.07.2010 03:35:44 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3814, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 06.07.2010 16:52:08 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul shlwapi.dll, Version 6.0.2900.5912, Fehleradresse 0x000592d7.
 
Error - 11.07.2010 15:35:25 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 18.07.2010 16:38:27 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung pushinst.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul pushinst.exe, Version 0.0.0.0, Fehleradresse 0x00004091.
 
Error - 20.07.2010 15:13:10 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Load.exe, Version 3.3.6.1, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 20.07.2010 15:24:23 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Planer" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 15:24:24 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Guard" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 15:24:24 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "T-Online WLAN Adapter Steuerungsdienst" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 16:00:27 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   IntelIde
 
 
< End of report >

Ich wäre euch wirklich dankbar, wenn ihr mir helfen könntet, das System wieder zu säubern...

Viele Grüße,
Michl

 

Themen zu TR/Spy.Browse.A
7-zip, adobe, agere systems, antivir, avg, avira, browser, canon, desktop, einstellungen, error, firefox, firefox.exe, flash player, format, helper, home, iexplore.exe, jusched.exe, launch, load.exe, location, mozilla, officejet, oldtimer, olympus, realtek, registry, rundll, saver, security, shell32.dll, software, stick, tcp, temp, trojaner, udp, windows internet, windows internet explorer


« BENUTZERNAME.vbs Virus entfernen? | Malware gefunden: autoougc.dll = TR/PSW.Papras.AB »


Ähnliche Themen: TR/Spy.Browse.A


  1. Ads By Browse Plus entfernen
    Anleitungen, FAQs & Links - 21.09.2015 (2)
  2. Browse for the Cause entfernen
    Anleitungen, FAQs & Links - 24.08.2015 (2)
  3. Ads By Browse Beyond entfernen
    Anleitungen, FAQs & Links - 16.08.2015 (2)
  4. Browse Pax Deals entfernen
    Anleitungen, FAQs & Links - 24.03.2014 (2)
  5. Mega Browse entfernen
    Anleitungen, FAQs & Links - 27.01.2014 (2)
  6. Browse-Search.com entfernen
    Anleitungen, FAQs & Links - 18.01.2014 (2)
  7. ads by browse to save was nun?
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (11)
  8. Browse to Save - Virus
    Log-Analyse und Auswertung - 24.04.2013 (7)
  9. Browse to save
    Log-Analyse und Auswertung - 17.04.2013 (15)
  10. Browse to save...
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (20)
  11. Ads by Browse to Save Virus
    Plagegeister aller Art und deren Bekämpfung - 27.03.2013 (27)
  12. Virus - ads by browse to save
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (33)
  13. Ads by browse to save
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (11)
  14. Ads by browse to save
    Plagegeister aller Art und deren Bekämpfung - 17.02.2013 (13)
  15. Ads by Browse to Save
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (21)
  16. TR/Spy.Browse.A gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (1)
  17. Problem mit BROWSE~1.EXE
    Log-Analyse und Auswertung - 04.12.2006 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Spy.Browse.A - Hallo Helfer! Ich habe auf meinem Laptop den Trojaner TR/Spy.Browse.A. Ich habe schon ein bisschen rumgelesen und festgestellt, dass der auch schon andere Systeme angegriffen hat. Aus diesem Thread(s) habe - TR/Spy.Browse.A...
Archiv
Du betrachtest: TR/Spy.Browse.A auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19