| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten ProblemeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.10.2010, 15:50
| #1 |
 |  explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Hallo, ich habe mich hier angemeldet, weil ich nach Hilfe für mein Problem suche. Alles hat damit begonnen, dass google-Ergebnisse mich ständig auf eine Seite geleitet haben, die sich Windows Security Alert nennt. Ich habe ihr misstraut, weil einige google.de-Ergebnisse mich vor ihr gewarnt haben. So habe ich herausgefunden, dass es sich dabei um eine Malware (oder Virus?) handelt/ handeln könnte und habe daraufhin AVira angeschaltet. Dabei kam heraus, dass Trojaner sich auf dem PC befinden, die ich (hoffentlich richtig) im Titel angeführt habe. Jetzt habe ich auch schon rumgelesen und mir angeschaut, ob auf dieser Seite andere schon mit dem Problem zu kämpfen haben und fand einen Eintrag. Da allerdings ausdrücklich davor gewarnt wurde, diese Schritte nachzuahmen, wenn man nicht gerade der Poster ist, wollte ich einfach mal einen eigenen Eintrag eröffnen und hier bin ich gelandet. Ich brauche dingendst Hilfe, weil meine Facharbeit ansteht und der PC unabdingbar für meine Recherchen ist. Ihr tätet mir einen "Riesengefallen"! Ich danke schon mal im Voraus für jegliche Art von Hilfe  Ach ja, ich ziehe die Bereinigung dem Formatieren vor  |
|
18.10.2010, 20:05
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten ProblemeZitat:
Aus den Regeln: 5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe) Fehlen diese Angaben, kann und wird dir hier niemand helfen.
__________________ |
|
20.10.2010, 11:51
| #3 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Hallo.
__________________Mein Avira Scanner sagt mir : Die Datei 'F:\Windows\Explorer.EXE' enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.2614272.4' [trojan]. Bzw.: In der Datei 'F:\Windows\explorer.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.2614272.4' [trojan] gefunden. Ferner: In der Datei 'F:\Windows\System32\wininit.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.96256.33' [trojan] gefunden. |
|
20.10.2010, 11:54
| #4 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Sry. hätte daran denken müssen. Der AVira Scan sagt: In der Datei 'F:\Windows\explorer.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.2614272.4' [trojan] gefunden. Ferner: In der Datei 'F:\Windows\System32\wininit.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.96256.33' [trojan] gefunden. |
|
20.10.2010, 12:01
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
20.10.2010, 12:01
| #6 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Verzeihung, ic hätte daran denken müssen. Der Avira-Scan berichtet: In der Datei 'F:\Windows\System32\wininit.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.96256.33' [trojan] gefunden. Ferner: In der Datei 'F:\Windows\explorer.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Spy.2614272.4' [trojan] gefunden. |
|
20.10.2010, 12:49
| #7 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme OTL Logfile: Code:
ATTFilter OTL logfile created on: 20.10.2010 13:36:27 - Run 1 OTL by OldTimer - Version 3.2.16.0 Folder = F:\Users\Mudimu\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.023,00 Mb Total Physical Memory | 201,00 Mb Available Physical Memory | 20,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 29,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files Drive C: | 2,00 Gb Total Space | 0,01 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 17,29 Gb Free Space | 17,71% Space Free | Partition Type: NTFS Drive G: | 24,41 Gb Total Space | 0,02 Gb Free Space | 0,07% Space Free | Partition Type: NTFS Drive H: | 11,72 Gb Total Space | 10,46 Gb Free Space | 89,26% Space Free | Partition Type: NTFS Computer Name: MUDIMU-PC | User Name: Mudimu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - F:\Users\Mudimu\Downloads\OTL.exe (OldTimer Tools) PRC - f:\program files\avira\antivir desktop\avscan.exe (Avira GmbH) PRC - F:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - F:\Program Files\Avira\AntiVir Desktop\avnotify.exe (Avira GmbH) PRC - F:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - F:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - F:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - F:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - F:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - F:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - F:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - F:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - F:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) PRC - F:\Windows\explorer.exe (Microsoft Corporation) PRC - F:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - F:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - F:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - F:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - F:\Users\Mudimu\Downloads\OTL.exe (OldTimer Tools) MOD - F:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - F:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - F:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - F:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - F:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - F:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - F:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - F:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - F:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - F:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - F:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - F:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- F:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Steam Client Service) -- F:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Apple Mobile Device) -- F:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (clr_optimization_v4.0.30319_32) -- F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (McComponentHostService) -- F:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (WwanSvc) -- F:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- F:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- F:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- F:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- F:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (StorSvc) -- F:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- F:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- F:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- F:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- F:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- F:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- F:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- F:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- F:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- F:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- F:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- F:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- F:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- F:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- F:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- F:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- F:\Windows\System32\sppsvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- F:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- F:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- F:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (MBAMSwissArmy) -- F:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (KSecPkg) -- F:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (cmdide) -- F:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- F:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- F:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- F:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- F:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- F:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- F:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- F:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- F:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- F:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- F:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- F:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- F:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- F:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- F:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- F:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- F:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- F:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- F:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- F:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- F:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- F:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- F:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- F:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- F:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- F:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- F:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- F:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- F:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- F:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- F:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- F:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- F:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- F:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- F:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- F:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- F:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- F:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- F:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- F:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- F:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- F:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- F:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- F:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- F:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- F:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- F:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- F:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- F:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- F:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- F:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- F:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (WinUsb) -- F:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- F:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- F:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- F:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- F:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- F:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- F:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- F:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- F:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- F:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- F:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- F:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- F:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- F:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- F:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- F:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- F:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (atikmdag) -- F:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (yukonw7) -- F:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (b57nd60x) -- F:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- F:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- F:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (avgio) -- F:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (MTsensor) -- F:\Windows\System32\drivers\ASACPI.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 10 54 A8 4E 27 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25536 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: {76aeea42-e04a-4b62-83ab-df4b2be2541e}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {71D81AB0-74A4-4E16-A52F-46750D03B515}:1.9.1 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.24 19:33:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2010.04.13 19:24:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2010.05.25 21:06:20 | 000,000,000 | ---D | M] [2010.07.03 21:54:31 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Extensions [2010.07.03 21:54:31 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010.10.19 14:11:06 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions [2010.07.20 14:32:14 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Toolbar) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280} [2010.10.11 18:14:16 | 000,000,000 | ---D | M] (Media Converter) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18} [2010.08.24 15:57:42 | 000,000,000 | ---D | M] (MessengerPlusLive Germany TB Toolbar) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e} [2010.10.16 17:06:15 | 000,000,000 | ---D | M] (Adblock Plus) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.10.16 17:06:16 | 000,000,000 | ---D | M] (No name found) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010.08.23 20:51:42 | 000,000,000 | ---D | M] (Greasemonkey) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.10.18 15:05:41 | 000,000,000 | ---D | M] -- F:\Programme\Mozilla Firefox\extensions [2010.07.26 15:39:48 | 000,001,392 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.26 15:39:48 | 000,002,344 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.26 15:39:48 | 000,006,805 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.26 15:39:48 | 000,001,178 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.26 15:39:48 | 000,001,105 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.17 12:57:10 | 000,002,109 | RHS- | M]) - F:\Windows\System32\drivers\etc\hosts O1 - Hosts: 69.65.50.148 google.com O1 - Hosts: 69.65.50.148 google.com.au O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.be O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.com.br O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ca O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ch O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.de O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.dk O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.fr O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ie O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.it O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.co.jp O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.nl O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 22 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - F:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - F:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - F:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - F:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - F:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.10.27 21:37:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.19 23:49:43 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\Malwarebytes [2010.10.19 23:49:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- F:\Windows\System32\drivers\mbamswissarmy.sys [2010.10.19 23:49:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- F:\Windows\System32\drivers\mbam.sys [2010.10.19 23:49:31 | 000,000,000 | ---D | C] -- F:\ProgramData\Malwarebytes [2010.10.19 23:49:30 | 000,000,000 | ---D | C] -- F:\Program Files\Malwarebytes' Anti-Malware [2010.10.18 19:32:46 | 000,000,000 | ---D | C] -- F:\Windows\System32\appmgmt [2010.10.18 10:25:31 | 000,000,000 | ---D | C] -- F:\Windows\pss [2010.10.17 19:15:27 | 000,000,000 | -H-D | C] -- F:\Users\Mudimu\Desktop\.picasaoriginals [2010.10.16 21:59:37 | 000,000,000 | -HSD | C] -- F:\ProgramData\SMHGCYE [2010.10.16 21:59:37 | 000,000,000 | -HSD | C] -- F:\Users\Mudimu\AppData\Roaming\Smart Engine [2010.10.16 17:12:59 | 000,000,000 | ---D | C] -- F:\Program Files\Trend Micro [2010.10.15 23:20:49 | 000,000,000 | ---D | C] -- F:\Programme\MSECache [2010.10.14 20:53:43 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Local\{71D81AB0-74A4-4E16-A52F-46750D03B515} [2010.10.13 18:06:00 | 000,190,976 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\drivers\ks.sys [2010.10.13 17:00:30 | 000,738,816 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\wmpmde.dll [2010.10.13 17:00:29 | 000,363,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\StructuredQuery.dll [2010.10.13 12:36:44 | 000,096,104 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\avipbb.sys [2010.10.13 12:36:44 | 000,056,816 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\avgntflt.sys [2010.10.13 12:36:44 | 000,028,520 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys [2010.10.13 12:36:25 | 000,000,000 | ---D | C] -- F:\ProgramData\Avira [2010.10.13 12:36:25 | 000,000,000 | ---D | C] -- F:\Program Files\Avira [2010.10.13 11:49:45 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\download [2010.10.13 11:12:01 | 000,000,000 | ---D | C] -- F:\ProgramData\Grisoft [2010.10.12 23:49:13 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\download2 [2010.10.11 21:33:06 | 000,000,000 | -H-D | C] -- F:\Users\Public\Documents\Server [2010.10.11 18:41:57 | 000,719,872 | ---- | C] (Abysmal Software) -- F:\Windows\System32\devil.dll [2010.10.11 18:41:57 | 000,369,152 | ---- | C] (The Public) -- F:\Windows\System32\avisynth.dll [2010.10.11 18:41:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- F:\Windows\System32\yv12vfw.dll [2010.10.11 18:41:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- F:\Windows\System32\i420vfw.dll [2010.10.11 18:41:55 | 000,000,000 | ---D | C] -- F:\Program Files\AviSynth 2.5 [2010.10.11 18:40:23 | 000,090,112 | RHS- | C] (-) -- F:\Windows\System32\TTADSSplitter.ax [2010.10.11 18:40:22 | 000,092,672 | RHS- | C] (RadLight) -- F:\Windows\System32\RLVorbisDec.ax [2010.10.11 18:40:22 | 000,090,112 | RHS- | C] (-) -- F:\Windows\System32\TTADSDecoder.ax [2010.10.11 18:40:22 | 000,067,584 | RHS- | C] (RadLight, LLC) -- F:\Windows\System32\RLTheoraDec.ax [2010.10.11 18:40:21 | 000,186,880 | RHS- | C] (RadLight) -- F:\Windows\System32\RLOgg.ax [2010.10.11 18:40:20 | 000,161,792 | RHS- | C] (Gabest) -- F:\Windows\System32\RealMediaDX.ax [2010.10.11 18:40:19 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- F:\Windows\System32\nbDX.dll [2010.10.11 18:40:19 | 000,169,472 | RHS- | C] (Gabest) -- F:\Windows\System32\MatroskaDX.ax [2010.10.11 18:40:19 | 000,031,232 | RHS- | C] (Hans Mayerl) -- F:\Windows\System32\msfDX.dll [2010.10.11 18:40:18 | 000,179,200 | RHS- | C] (Gabest) -- F:\Windows\System32\DiracSplitter.ax [2010.10.11 18:40:18 | 000,163,328 | RHS- | C] (Gabest) -- F:\Windows\System32\flvDX.dll [2010.10.11 18:40:17 | 000,123,904 | RHS- | C] (CoreCodec) -- F:\Windows\System32\AVCDX.ax [2010.10.11 18:39:00 | 000,000,000 | ---D | C] -- F:\Program Files\eRightSoft [2010.10.10 21:52:51 | 000,000,000 | ---D | C] -- F:\ProgramData\AntiVir PersonalEdition Classic [2010.10.08 16:13:25 | 000,000,000 | ---D | C] -- F:\Program Files\iPod [2010.10.08 16:13:11 | 000,000,000 | ---D | C] -- F:\Program Files\iTunes [2010.10.08 15:57:28 | 000,000,000 | ---D | C] -- F:\Programme\QuickTime [2010.10.08 15:54:09 | 000,000,000 | ---D | C] -- F:\Programme\Bonjour [1 F:\Users\Mudimu\*.tmp files -> F:\Users\Mudimu\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.20 13:41:08 | 000,001,096 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.20 13:41:02 | 000,001,092 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.20 11:38:28 | 000,014,752 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.20 11:38:27 | 000,014,752 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.20 11:32:59 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat [2010.10.20 11:32:40 | 804,659,200 | -HS- | M] () -- F:\hiberfil.sys [2010.10.19 23:49:34 | 000,000,983 | ---- | M] () -- F:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.19 23:15:28 | 000,000,217 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\18719.bat [2010.10.18 15:24:56 | 000,023,552 | ---- | M] () -- F:\Users\Mudimu\Documents\Remove Wininit.doc [2010.10.17 23:57:23 | 000,000,006 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\start [2010.10.17 23:50:51 | 000,000,010 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\install [2010.10.17 23:42:31 | 000,096,104 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\avipbb.sys [2010.10.17 23:42:31 | 000,056,816 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\avgntflt.sys [2010.10.17 23:42:31 | 000,028,520 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys [2010.10.17 23:32:56 | 000,000,185 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\23311.bat [2010.10.17 19:15:28 | 000,143,976 | ---- | M] () -- F:\Users\Mudimu\Desktop\101013_171857.jpg [2010.10.17 17:40:16 | 000,648,466 | ---- | M] () -- F:\Windows\System32\perfh007.dat [2010.10.17 17:40:16 | 000,611,134 | ---- | M] () -- F:\Windows\System32\perfh009.dat [2010.10.17 17:40:16 | 000,128,724 | ---- | M] () -- F:\Windows\System32\perfc007.dat [2010.10.17 17:40:16 | 000,105,314 | ---- | M] () -- F:\Windows\System32\perfc009.dat [2010.10.17 12:57:10 | 000,002,109 | RHS- | M] () -- F:\Windows\System32\drivers\etc\hosts [2010.10.16 17:13:27 | 000,002,043 | ---- | M] () -- F:\Users\Mudimu\Desktop\HijackThis.lnk [2010.10.16 12:59:52 | 000,000,120 | ---- | M] () -- F:\Users\Mudimu\AppData\Local\Cperafujahoza.dat [2010.10.16 12:59:37 | 000,000,000 | ---- | M] () -- F:\Users\Mudimu\AppData\Local\Ksavegaqabiheba.bin [2010.10.14 20:50:44 | 000,000,191 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\jsfhjjsd.bat [2010.10.13 22:04:19 | 001,991,640 | ---- | M] () -- F:\Users\Mudimu\Desktop\SPB_TV_2.0.ipa [2010.10.13 12:51:30 | 000,002,016 | ---- | M] () -- F:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.10.13 11:39:20 | 000,002,290 | ---- | M] () -- F:\Users\Public\Desktop\Google Chrome.lnk [2010.10.12 23:49:14 | 000,000,144 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\dsfsds.bat [2010.10.11 18:40:24 | 000,001,998 | ---- | M] () -- F:\Users\Public\Desktop\SUPER © Uninstall.lnk [2010.10.11 18:40:24 | 000,001,974 | ---- | M] () -- F:\Users\Public\Desktop\SUPER ©.lnk [2010.10.10 15:45:16 | 000,001,284 | ---- | M] () -- F:\Users\Public\Desktop\Fahren Lernen Offline.lnk [2010.10.08 16:16:40 | 000,002,429 | ---- | M] () -- F:\Users\Public\Desktop\iTunes.lnk [2010.10.08 15:58:20 | 000,001,815 | ---- | M] () -- F:\Users\Public\Desktop\QuickTime Player.lnk [2010.09.25 18:08:24 | 000,102,020 | ---- | M] () -- F:\Users\Mudimu\Desktop\fvwt34wb9xs.jpg [1 F:\Users\Mudimu\*.tmp files -> F:\Users\Mudimu\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.19 23:49:34 | 000,000,983 | ---- | C] () -- F:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.19 23:15:28 | 000,000,217 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\18719.bat [2010.10.18 15:24:56 | 000,023,552 | ---- | C] () -- F:\Users\Mudimu\Documents\Remove Wininit.doc [2010.10.17 23:57:23 | 000,000,006 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\start [2010.10.17 23:50:51 | 000,000,010 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\install [2010.10.17 23:32:56 | 000,000,185 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\23311.bat [2010.10.17 19:15:28 | 000,143,976 | ---- | C] () -- F:\Users\Mudimu\Desktop\101013_171857.jpg [2010.10.16 17:13:01 | 000,002,043 | ---- | C] () -- F:\Users\Mudimu\Desktop\HijackThis.lnk [2010.10.14 20:53:44 | 000,000,120 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\Cperafujahoza.dat [2010.10.14 20:53:44 | 000,000,000 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\Ksavegaqabiheba.bin [2010.10.14 20:50:44 | 000,000,191 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\jsfhjjsd.bat [2010.10.13 22:04:16 | 001,991,640 | ---- | C] () -- F:\Users\Mudimu\Desktop\SPB_TV_2.0.ipa [2010.10.13 12:51:30 | 000,002,016 | ---- | C] () -- F:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.10.12 23:49:14 | 000,000,144 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\dsfsds.bat [2010.10.11 18:41:56 | 000,027,648 | ---- | C] () -- F:\Windows\System32\AVSredirect.dll [2010.10.11 18:40:24 | 000,001,998 | ---- | C] () -- F:\Users\Public\Desktop\SUPER © Uninstall.lnk [2010.10.11 18:40:24 | 000,001,974 | ---- | C] () -- F:\Users\Public\Desktop\SUPER ©.lnk [2010.10.11 18:40:22 | 000,051,712 | RHS- | C] () -- F:\Windows\System32\RLSpeexDec.ax [2010.10.11 18:40:21 | 000,107,520 | RHS- | C] () -- F:\Windows\System32\RLMPCDec.ax [2010.10.11 18:40:21 | 000,070,656 | RHS- | C] () -- F:\Windows\System32\RLAPEDec.ax [2010.10.11 18:40:19 | 000,120,832 | RHS- | C] () -- F:\Windows\System32\MPCDx.ax [2010.10.11 18:40:18 | 000,097,280 | RHS- | C] () -- F:\Windows\System32\FLACDX.ax [2010.10.11 18:40:17 | 000,175,104 | RHS- | C] () -- F:\Windows\System32\CoreAAC.ax [2010.10.11 18:40:16 | 000,227,328 | RHS- | C] () -- F:\Windows\System32\ac3DX.ax [2010.10.11 18:40:16 | 000,081,920 | RHS- | C] () -- F:\Windows\System32\aac_parser.ax [2010.10.08 16:16:40 | 000,002,429 | ---- | C] () -- F:\Users\Public\Desktop\iTunes.lnk [2010.10.08 15:58:20 | 000,001,815 | ---- | C] () -- F:\Users\Public\Desktop\QuickTime Player.lnk [2010.09.25 18:08:12 | 000,102,020 | ---- | C] () -- F:\Users\Mudimu\Desktop\fvwt34wb9xs.jpg [2010.08.16 23:54:41 | 000,007,168 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.13 10:32:52 | 000,000,534 | ---- | C] () -- F:\Windows\ODBC.INI [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- F:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- F:\Windows\System32\BWContextHandler.dll [2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- F:\Windows\System32\drivers\ASACPI.sys < End of report > |
|
20.10.2010, 18:05
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Ich wollte zuerst den Vollscan mit Malwarebytes sehen...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2010, 14:32
| #9 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Tut mir leid, allerdings lief der mit OTL schneller und ich komm erst heute dazu, den Vollscan mit Malwarebytes durczuführen. Ich poste danach am besten noch ein File zum OTL, oder? |
|
21.10.2010, 22:22
| #10 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\678fce512487f779.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\69fe2b2341363ffa.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\584a1f60e59b3b70.exe (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\cooper.mine (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dakuzuso.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\falozogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\majubilu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\winuid.dll (Spyware.Passwords) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\jigefuwi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\lagoguze.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\tonepopo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\bewivupi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\gigopero.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\godobovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\hilemebu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\zewobihu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\nmklo.dll (Spyware.Zbot) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dllcache\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\drivers\H8SRTd.sys (Trojan.TDSS) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\wbem\grpconv.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
|
21.10.2010, 22:22
| #11 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Hier in "Vollständig": Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4052 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 21.10.2010 23:20:38 mbam-log-2010-10-21 (23-20-38).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|G:\|H:\|) Durchsuchte Objekte: 343604 Laufzeit: 8 Stunde(n), 27 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 21 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\678fce512487f779.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\69fe2b2341363ffa.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\584a1f60e59b3b70.exe (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\cooper.mine (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dakuzuso.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\falozogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\majubilu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\winuid.dll (Spyware.Passwords) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\jigefuwi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\lagoguze.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\tonepopo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\bewivupi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\gigopero.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\godobovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\hilemebu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\zewobihu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\nmklo.dll (Spyware.Zbot) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dllcache\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\drivers\H8SRTd.sys (Trojan.TDSS) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\wbem\grpconv.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
|
21.10.2010, 22:23
| #12 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4052 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 21.10.2010 23:20:38 mbam-log-2010-10-21 (23-20-38).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|G:\|H:\|) Durchsuchte Objekte: 343604 Laufzeit: 8 Stunde(n), 27 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 21 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\678fce512487f779.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\69fe2b2341363ffa.exe (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Dokumente und Einstellungen\Mudimu\Lokale Einstellungen\Temp\584a1f60e59b3b70.exe (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\cooper.mine (Worm.Mariofev) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dakuzuso.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\falozogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\majubilu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\winuid.dll (Spyware.Passwords) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\jigefuwi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\lagoguze.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\tonepopo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\bewivupi.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\gigopero.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\godobovo.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\hilemebu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\zewobihu.dll (Trojan.Vundo) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\nmklo.dll (Spyware.Zbot) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\dllcache\termsrv.dll (Packed.Krap) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\drivers\H8SRTd.sys (Trojan.TDSS) -> Quarantined and deleted successfully. F:\Windows.old\Windows\system32\wbem\grpconv.exe (Trojan.Agent) -> Quarantined and deleted successfully. |
|
21.10.2010, 22:27
| #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten ProblemeZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2010, 22:53
| #14 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme OTL Logfile: Code:
ATTFilter OTL logfile created on: 21.10.2010 23:26:48 - Run 1 OTL by OldTimer - Version 3.2.16.0 Folder = F:\Users\Mudimu\Downloads An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.023,00 Mb Total Physical Memory | 259,00 Mb Available Physical Memory | 25,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files Drive C: | 2,00 Gb Total Space | 0,01 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive F: | 97,65 Gb Total Space | 8,06 Gb Free Space | 8,26% Space Free | Partition Type: NTFS Drive G: | 24,41 Gb Total Space | 0,02 Gb Free Space | 0,07% Space Free | Partition Type: NTFS Drive H: | 11,72 Gb Total Space | 10,46 Gb Free Space | 89,26% Space Free | Partition Type: NTFS Computer Name: MUDIMU-PC | User Name: Mudimu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - F:\Users\Mudimu\Downloads\OTL.exe (OldTimer Tools) PRC - F:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - F:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - F:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - F:\Program Files\DivX\DivX Update\DivXUpdate.exe () PRC - F:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - F:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - F:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) PRC - F:\Windows\explorer.exe (Microsoft Corporation) PRC - F:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - F:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - F:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - F:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - F:\Users\Mudimu\Downloads\OTL.exe (OldTimer Tools) MOD - F:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - F:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - F:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - F:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - F:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - F:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - F:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - F:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - F:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - F:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - F:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - F:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- F:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Steam Client Service) -- F:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Apple Mobile Device) -- F:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (clr_optimization_v4.0.30319_32) -- F:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (McComponentHostService) -- F:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (WwanSvc) -- F:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- F:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- F:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- F:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- F:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (StorSvc) -- F:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- F:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- F:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- F:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- F:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- F:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- F:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- F:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- F:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- F:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- F:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- F:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- F:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- F:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- F:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- F:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- F:\Windows\System32\sppsvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- F:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- F:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- F:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (KSecPkg) -- F:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (cmdide) -- F:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- F:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- F:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- F:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- F:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- F:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- F:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- F:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- F:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- F:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- F:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- F:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- F:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- F:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- F:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- F:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- F:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- F:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- F:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- F:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- F:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- F:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- F:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- F:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- F:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- F:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- F:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- F:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- F:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- F:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- F:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- F:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- F:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- F:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- F:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- F:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- F:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- F:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- F:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- F:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- F:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- F:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- F:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- F:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- F:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- F:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- F:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- F:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- F:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- F:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- F:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- F:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (WinUsb) -- F:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- F:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- F:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- F:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- F:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- F:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- F:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- F:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- F:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- F:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- F:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- F:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- F:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- F:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- F:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- F:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- F:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (atikmdag) -- F:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (yukonw7) -- F:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (b57nd60x) -- F:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- F:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- F:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (avgio) -- F:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (MTsensor) -- F:\Windows\System32\drivers\ASACPI.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 10 54 A8 4E 27 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25536 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {76aeea42-e04a-4b62-83ab-df4b2be2541e}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {71D81AB0-74A4-4E16-A52F-46750D03B515}:1.9.1 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.07.24 19:33:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2010.04.13 19:24:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2010.05.25 21:06:20 | 000,000,000 | ---D | M] [2010.07.03 21:54:31 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Extensions [2010.07.03 21:54:31 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2010.10.21 21:16:46 | 000,000,000 | ---D | M] -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions [2010.07.20 14:32:14 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Toolbar) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280} [2010.10.11 18:14:16 | 000,000,000 | ---D | M] (Media Converter) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18} [2010.10.21 21:16:45 | 000,000,000 | ---D | M] (MessengerPlusLive Germany TB Toolbar) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e} [2010.10.16 17:06:15 | 000,000,000 | ---D | M] (Adblock Plus) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.10.16 17:06:16 | 000,000,000 | ---D | M] (No name found) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2010.10.21 15:34:18 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.08.23 20:51:42 | 000,000,000 | ---D | M] (Greasemonkey) -- F:\Users\Mudimu\AppData\Roaming\mozilla\Firefox\Profiles\6lq47pgj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.10.18 15:05:41 | 000,000,000 | ---D | M] -- F:\Programme\Mozilla Firefox\extensions [2010.07.26 15:39:48 | 000,001,392 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.26 15:39:48 | 000,002,344 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.26 15:39:48 | 000,006,805 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.26 15:39:48 | 000,001,178 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.26 15:39:48 | 000,001,105 | ---- | M] () -- F:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.17 12:57:10 | 000,002,109 | RHS- | M]) - F:\Windows\System32\drivers\etc\hosts O1 - Hosts: 69.65.50.148 google.com O1 - Hosts: 69.65.50.148 google.com.au O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.be O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.com.br O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ca O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ch O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.de O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.dk O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.fr O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.ie O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.it O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.co.jp O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 69.65.50.148 google.nl O1 - Hosts: 69.65.50.148 Google O1 - Hosts: 22 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - F:\Program Files\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - F:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.) O4 - HKLM..\Run: [DivXUpdate] F:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] F:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [TkBellExe] F:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O8 - Extra context menu item: Add to Google Photos Screensa&ver - F:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - F:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - F:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - F:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - F:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - F:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (explorer.exe) - F:\Windows\explorer.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - F:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.10.27 21:37:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.20 17:54:25 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\Desktop\Numba [2010.10.20 17:02:09 | 000,000,000 | ---D | C] -- F:\ProgramData\NOS [2010.10.20 17:02:08 | 000,000,000 | ---D | C] -- F:\Program Files\NOS [2010.10.19 23:49:43 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\Malwarebytes [2010.10.19 23:49:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- F:\Windows\System32\drivers\mbamswissarmy.sys [2010.10.19 23:49:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- F:\Windows\System32\drivers\mbam.sys [2010.10.19 23:49:31 | 000,000,000 | ---D | C] -- F:\ProgramData\Malwarebytes [2010.10.19 23:49:30 | 000,000,000 | ---D | C] -- F:\Program Files\Malwarebytes' Anti-Malware [2010.10.18 19:32:46 | 000,000,000 | ---D | C] -- F:\Windows\System32\appmgmt [2010.10.18 10:25:31 | 000,000,000 | ---D | C] -- F:\Windows\pss [2010.10.17 19:15:27 | 000,000,000 | -H-D | C] -- F:\Users\Mudimu\Desktop\.picasaoriginals [2010.10.16 21:59:37 | 000,000,000 | -HSD | C] -- F:\ProgramData\SMHGCYE [2010.10.16 21:59:37 | 000,000,000 | -HSD | C] -- F:\Users\Mudimu\AppData\Roaming\Smart Engine [2010.10.16 17:12:59 | 000,000,000 | ---D | C] -- F:\Program Files\Trend Micro [2010.10.15 23:20:49 | 000,000,000 | ---D | C] -- F:\Programme\MSECache [2010.10.14 20:53:43 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Local\{71D81AB0-74A4-4E16-A52F-46750D03B515} [2010.10.13 17:00:29 | 000,363,520 | ---- | C] (Microsoft Corporation) -- F:\Windows\System32\StructuredQuery.dll [2010.10.13 12:36:44 | 000,096,104 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\avipbb.sys [2010.10.13 12:36:44 | 000,056,816 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\avgntflt.sys [2010.10.13 12:36:44 | 000,028,520 | ---- | C] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys [2010.10.13 12:36:25 | 000,000,000 | ---D | C] -- F:\ProgramData\Avira [2010.10.13 12:36:25 | 000,000,000 | ---D | C] -- F:\Program Files\Avira [2010.10.13 11:49:45 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\download [2010.10.13 11:12:01 | 000,000,000 | ---D | C] -- F:\ProgramData\Grisoft [2010.10.12 23:49:13 | 000,000,000 | ---D | C] -- F:\Users\Mudimu\AppData\Roaming\download2 [2010.10.11 21:33:06 | 000,000,000 | -H-D | C] -- F:\Users\Public\Documents\Server [2010.10.11 18:41:57 | 000,719,872 | ---- | C] (Abysmal Software) -- F:\Windows\System32\devil.dll [2010.10.11 18:41:57 | 000,369,152 | ---- | C] (The Public) -- F:\Windows\System32\avisynth.dll [2010.10.11 18:41:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- F:\Windows\System32\yv12vfw.dll [2010.10.11 18:41:56 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- F:\Windows\System32\i420vfw.dll [2010.10.11 18:41:55 | 000,000,000 | ---D | C] -- F:\Program Files\AviSynth 2.5 [2010.10.11 18:40:23 | 000,090,112 | RHS- | C] (-) -- F:\Windows\System32\TTADSSplitter.ax [2010.10.11 18:40:22 | 000,092,672 | RHS- | C] (RadLight) -- F:\Windows\System32\RLVorbisDec.ax [2010.10.11 18:40:22 | 000,090,112 | RHS- | C] (-) -- F:\Windows\System32\TTADSDecoder.ax [2010.10.11 18:40:22 | 000,067,584 | RHS- | C] (RadLight, LLC) -- F:\Windows\System32\RLTheoraDec.ax [2010.10.11 18:40:21 | 000,186,880 | RHS- | C] (RadLight) -- F:\Windows\System32\RLOgg.ax [2010.10.11 18:40:20 | 000,161,792 | RHS- | C] (Gabest) -- F:\Windows\System32\RealMediaDX.ax [2010.10.11 18:40:19 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- F:\Windows\System32\nbDX.dll [2010.10.11 18:40:19 | 000,169,472 | RHS- | C] (Gabest) -- F:\Windows\System32\MatroskaDX.ax [2010.10.11 18:40:19 | 000,031,232 | RHS- | C] (Hans Mayerl) -- F:\Windows\System32\msfDX.dll [2010.10.11 18:40:18 | 000,179,200 | RHS- | C] (Gabest) -- F:\Windows\System32\DiracSplitter.ax [2010.10.11 18:40:18 | 000,163,328 | RHS- | C] (Gabest) -- F:\Windows\System32\flvDX.dll [2010.10.11 18:40:17 | 000,123,904 | RHS- | C] (CoreCodec) -- F:\Windows\System32\AVCDX.ax [2010.10.11 18:39:00 | 000,000,000 | ---D | C] -- F:\Program Files\eRightSoft [2010.10.10 21:52:51 | 000,000,000 | ---D | C] -- F:\ProgramData\AntiVir PersonalEdition Classic [2010.10.08 16:13:25 | 000,000,000 | ---D | C] -- F:\Program Files\iPod [2010.10.08 16:13:11 | 000,000,000 | ---D | C] -- F:\Program Files\iTunes [2010.10.08 15:57:28 | 000,000,000 | ---D | C] -- F:\Programme\QuickTime [2010.10.08 15:54:09 | 000,000,000 | ---D | C] -- F:\Programme\Bonjour [1 F:\Users\Mudimu\*.tmp files -> F:\Users\Mudimu\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.21 23:20:52 | 000,054,016 | ---- | M] () -- F:\Windows\System32\drivers\slsv.sys [2010.10.21 22:44:42 | 000,001,096 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.21 22:44:27 | 000,067,584 | --S- | M] () -- F:\Windows\bootstat.dat [2010.10.21 21:59:03 | 000,014,752 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.21 21:59:03 | 000,014,752 | -H-- | M] () -- F:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.21 14:41:31 | 000,001,092 | ---- | M] () -- F:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.21 14:35:47 | 804,659,200 | -HS- | M] () -- F:\hiberfil.sys [2010.10.19 23:49:34 | 000,000,983 | ---- | M] () -- F:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.19 23:15:28 | 000,000,217 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\18719.bat [2010.10.18 15:24:56 | 000,023,552 | ---- | M] () -- F:\Users\Mudimu\Documents\Remove Wininit.doc [2010.10.17 23:57:23 | 000,000,006 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\start [2010.10.17 23:50:51 | 000,000,010 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\install [2010.10.17 23:42:31 | 000,096,104 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\avipbb.sys [2010.10.17 23:42:31 | 000,056,816 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\avgntflt.sys [2010.10.17 23:42:31 | 000,028,520 | ---- | M] (Avira GmbH) -- F:\Windows\System32\drivers\ssmdrv.sys [2010.10.17 23:32:56 | 000,000,185 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\23311.bat [2010.10.17 19:15:28 | 000,143,976 | ---- | M] () -- F:\Users\Mudimu\Desktop\101013_171857.jpg [2010.10.17 17:40:16 | 000,648,466 | ---- | M] () -- F:\Windows\System32\perfh007.dat [2010.10.17 17:40:16 | 000,611,134 | ---- | M] () -- F:\Windows\System32\perfh009.dat [2010.10.17 17:40:16 | 000,128,724 | ---- | M] () -- F:\Windows\System32\perfc007.dat [2010.10.17 17:40:16 | 000,105,314 | ---- | M] () -- F:\Windows\System32\perfc009.dat [2010.10.17 12:57:10 | 000,002,109 | RHS- | M] () -- F:\Windows\System32\drivers\etc\hosts [2010.10.16 17:13:27 | 000,002,043 | ---- | M] () -- F:\Users\Mudimu\Desktop\HijackThis.lnk [2010.10.16 12:59:52 | 000,000,120 | ---- | M] () -- F:\Users\Mudimu\AppData\Local\Cperafujahoza.dat [2010.10.16 12:59:37 | 000,000,000 | ---- | M] () -- F:\Users\Mudimu\AppData\Local\Ksavegaqabiheba.bin [2010.10.14 20:50:44 | 000,000,191 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\jsfhjjsd.bat [2010.10.13 22:04:19 | 001,991,640 | ---- | M] () -- F:\Users\Mudimu\Desktop\SPB_TV_2.0.ipa [2010.10.13 12:51:30 | 000,002,016 | ---- | M] () -- F:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.10.13 11:39:20 | 000,002,290 | ---- | M] () -- F:\Users\Public\Desktop\Google Chrome.lnk [2010.10.12 23:49:14 | 000,000,144 | ---- | M] () -- F:\Users\Mudimu\AppData\Roaming\dsfsds.bat [2010.10.11 18:40:24 | 000,001,998 | ---- | M] () -- F:\Users\Public\Desktop\SUPER © Uninstall.lnk [2010.10.11 18:40:24 | 000,001,974 | ---- | M] () -- F:\Users\Public\Desktop\SUPER ©.lnk [2010.10.10 15:45:16 | 000,001,284 | ---- | M] () -- F:\Users\Public\Desktop\Fahren Lernen Offline.lnk [2010.10.08 16:16:40 | 000,002,429 | ---- | M] () -- F:\Users\Public\Desktop\iTunes.lnk [2010.10.08 15:58:20 | 000,001,815 | ---- | M] () -- F:\Users\Public\Desktop\QuickTime Player.lnk [2010.09.25 18:08:24 | 000,102,020 | ---- | M] () -- F:\Users\Mudimu\Desktop\fvwt34wb9xs.jpg [1 F:\Users\Mudimu\*.tmp files -> F:\Users\Mudimu\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.21 23:20:52 | 000,054,016 | ---- | C] () -- F:\Windows\System32\drivers\slsv.sys [2010.10.19 23:49:34 | 000,000,983 | ---- | C] () -- F:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.19 23:15:28 | 000,000,217 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\18719.bat [2010.10.18 15:24:56 | 000,023,552 | ---- | C] () -- F:\Users\Mudimu\Documents\Remove Wininit.doc [2010.10.17 23:57:23 | 000,000,006 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\start [2010.10.17 23:50:51 | 000,000,010 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\install [2010.10.17 23:32:56 | 000,000,185 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\23311.bat [2010.10.17 19:15:28 | 000,143,976 | ---- | C] () -- F:\Users\Mudimu\Desktop\101013_171857.jpg [2010.10.16 17:13:01 | 000,002,043 | ---- | C] () -- F:\Users\Mudimu\Desktop\HijackThis.lnk [2010.10.14 20:53:44 | 000,000,120 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\Cperafujahoza.dat [2010.10.14 20:53:44 | 000,000,000 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\Ksavegaqabiheba.bin [2010.10.14 20:50:44 | 000,000,191 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\jsfhjjsd.bat [2010.10.13 22:04:16 | 001,991,640 | ---- | C] () -- F:\Users\Mudimu\Desktop\SPB_TV_2.0.ipa [2010.10.13 12:51:30 | 000,002,016 | ---- | C] () -- F:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.10.12 23:49:14 | 000,000,144 | ---- | C] () -- F:\Users\Mudimu\AppData\Roaming\dsfsds.bat [2010.10.11 18:41:56 | 000,027,648 | ---- | C] () -- F:\Windows\System32\AVSredirect.dll [2010.10.11 18:40:24 | 000,001,998 | ---- | C] () -- F:\Users\Public\Desktop\SUPER © Uninstall.lnk [2010.10.11 18:40:24 | 000,001,974 | ---- | C] () -- F:\Users\Public\Desktop\SUPER ©.lnk [2010.10.11 18:40:22 | 000,051,712 | RHS- | C] () -- F:\Windows\System32\RLSpeexDec.ax [2010.10.11 18:40:21 | 000,107,520 | RHS- | C] () -- F:\Windows\System32\RLMPCDec.ax [2010.10.11 18:40:21 | 000,070,656 | RHS- | C] () -- F:\Windows\System32\RLAPEDec.ax [2010.10.11 18:40:19 | 000,120,832 | RHS- | C] () -- F:\Windows\System32\MPCDx.ax [2010.10.11 18:40:18 | 000,097,280 | RHS- | C] () -- F:\Windows\System32\FLACDX.ax [2010.10.11 18:40:17 | 000,175,104 | RHS- | C] () -- F:\Windows\System32\CoreAAC.ax [2010.10.11 18:40:16 | 000,227,328 | RHS- | C] () -- F:\Windows\System32\ac3DX.ax [2010.10.11 18:40:16 | 000,081,920 | RHS- | C] () -- F:\Windows\System32\aac_parser.ax [2010.10.08 16:16:40 | 000,002,429 | ---- | C] () -- F:\Users\Public\Desktop\iTunes.lnk [2010.10.08 15:58:20 | 000,001,815 | ---- | C] () -- F:\Users\Public\Desktop\QuickTime Player.lnk [2010.09.25 18:08:12 | 000,102,020 | ---- | C] () -- F:\Users\Mudimu\Desktop\fvwt34wb9xs.jpg [2010.08.16 23:54:41 | 000,007,168 | ---- | C] () -- F:\Users\Mudimu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.13 10:32:52 | 000,000,534 | ---- | C] () -- F:\Windows\ODBC.INI [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- F:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- F:\Windows\System32\BWContextHandler.dll [2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- F:\Windows\System32\drivers\ASACPI.sys < End of report > |
|
21.10.2010, 22:53
| #15 |
| | explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 21.10.2010 23:26:48 - Run 1
OTL by OldTimer - Version 3.2.16.0 Folder = F:\Users\Mudimu\Downloads
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 259,00 Mb Available Physical Memory | 25,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\Windows | %ProgramFiles% = F:\Program Files
Drive C: | 2,00 Gb Total Space | 0,01 Gb Free Space | 0,64% Space Free | Partition Type: NTFS
Drive F: | 97,65 Gb Total Space | 8,06 Gb Free Space | 8,26% Space Free | Partition Type: NTFS
Drive G: | 24,41 Gb Total Space | 0,02 Gb Free Space | 0,07% Space Free | Partition Type: NTFS
Drive H: | 11,72 Gb Total Space | 10,46 Gb Free Space | 89,26% Space Free | Partition Type: NTFS
Computer Name: MUDIMU-PC | User Name: Mudimu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- F:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- F:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- F:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{452473D3-1D26-4E61-8060-3B216620D60C}_is1" = Fahren Lernen Offline 1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_VISPRO_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_GROOVE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_GROOVE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_VISPRO_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_GROOVE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISPRO_{60CC0F2D-BFA0-4851-903D-809D876DD87B}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_VISPRO_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_GROOVE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0000-0000-0000000FF1CE}" = Microsoft Office Groove 2007
"{90120000-00BA-0000-0000-0000000FF1CE}_GROOVE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0000-0000-0000000FF1CE}_GROOVE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_GROOVE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_GROOVE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_GROOVE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter und der Feuerkelch™
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.3 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B69F28DF-CBB1-41B7-008A-210E4D0518FC}" = Harry Potter und der Orden des Phönix™
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudibleDownloadManager" = Audible Download Manager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"Google Chrome" = Google Chrome
"GROOVE" = Microsoft Office Groove 2007
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Messenger Plus! Live" = Messenger Plus! Live
"Messenger_Plus_Live_Germany Toolbar" = Messenger_Plus_Live_Germany Toolbar
"MessengerPlusLive_Germany_TB Toolbar" = MessengerPlusLive Germany TB Toolbar
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Picasa 3" = Picasa 3
"RealPlayer 12.0" = RealPlayer
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"VISPRO" = Microsoft Office Visio Professional 2007
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.10.2010 16:09:14 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdcc5 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
Zeitstempel: 0x4ba9b21e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00075cf0 ID des fehlerhaften
Prozesses: 0xd14 Startzeit der fehlerhaften Anwendung: 0x01cb6fb8195e530e Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: F:\Windows\SYSTEM32\ntdll.dll Berichtskennung: be48c086-dbbc-11df-8c55-0018f35bb59f
Error - 19.10.2010 16:10:12 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdc89 Name des fehlerhaften Moduls: NPSWF32.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4bfd730a Ausnahmecode: 0xc0000005 Fehleroffset: 0x632918e6
ID
des fehlerhaften Prozesses: 0x7a4 Startzeit der fehlerhaften Anwendung: 0x01cb6fb84661b0be
Pfad
der fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\plugin-container.exe
Pfad
des fehlerhaften Moduls: NPSWF32.dll Berichtskennung: e06f8fb4-dbbc-11df-8c55-0018f35bb59f
Error - 19.10.2010 17:08:20 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdcc5 Name des fehlerhaften Moduls: CoolType.dll, Version: 5.5.69.1,
Zeitstempel: 0x4c1d66b7 Ausnahmecode: 0xc0000409 Fehleroffset: 0x00184a20 ID des fehlerhaften
Prozesses: 0xf30 Startzeit der fehlerhaften Anwendung: 0x01cb6fc9a0ee85c5 Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: F:\Program Files\Adobe\Reader 9.0\Reader\CoolType.dll Berichtskennung: ff745be8-dbc4-11df-8c55-0018f35bb59f
Error - 19.10.2010 17:09:26 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdc89 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
Zeitstempel: 0x4ba9b21e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00046bf0 ID des fehlerhaften
Prozesses: 0x280 Startzeit der fehlerhaften Anwendung: 0x01cb6fc9ca2c975f Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: F:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 271642fb-dbc5-11df-8c55-0018f35bb59f
Error - 19.10.2010 17:27:15 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdcc5 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00064fbd ID des fehlerhaften
Prozesses: 0x120 Startzeit der fehlerhaften Anwendung: 0x01cb6fd1f61ba89b Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: a4319494-dbc7-11df-8c55-0018f35bb59f
Error - 19.10.2010 17:27:33 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdc89 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
Zeitstempel: 0x4ba9b21e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00046bf0 ID des fehlerhaften
Prozesses: 0x6f4 Startzeit der fehlerhaften Anwendung: 0x01cb6fd226000938 Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: F:\Windows\SYSTEM32\ntdll.dll Berichtskennung: aec8d8bf-dbc7-11df-8c55-0018f35bb59f
Error - 20.10.2010 06:07:35 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3909,
Zeitstempel: 0x4c8fdcc5 Name des fehlerhaften Moduls: CoolType.dll, Version: 5.5.69.1,
Zeitstempel: 0x4c1d66b7 Ausnahmecode: 0xc0000409 Fehleroffset: 0x00184a20 ID des fehlerhaften
Prozesses: 0xabc Startzeit der fehlerhaften Anwendung: 0x01cb703cbccdd013 Pfad der
fehlerhaften Anwendung: F:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften
Moduls: F:\Program Files\Adobe\Reader 9.0\Reader\CoolType.dll Berichtskennung: dbfc3116-dc31-11df-a595-0018f35bb59f
Error - 20.10.2010 10:39:42 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16450,
Zeitstempel: 0x4aeba271 Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 10.145.7329.0,
Zeitstempel: 0x4019138d Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004ef37 ID des fehlerhaften
Prozesses: 0x898 Startzeit der fehlerhaften Anwendung: 0x01cb7039dca38c86 Pfad der
fehlerhaften Anwendung: F:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: F:\PROGRA~2\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Berichtskennung:
df52cfcf-dc57-11df-a595-0018f35bb59f
Error - 20.10.2010 10:43:05 | Computer Name = Mudimu-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: setup.exe_Google Chrome, Version:
7.0.517.41, Zeitstempel: 0x4cb3d03b Name des fehlerhaften Moduls: setup.exe, Version:
7.0.517.41, Zeitstempel: 0x4cb3d03b Ausnahmecode: 0x40000015 Fehleroffset: 0x0005c280
ID
des fehlerhaften Prozesses: 0x58c Startzeit der fehlerhaften Anwendung: 0x01cb706505edfc68
Pfad
der fehlerhaften Anwendung: F:\Windows\Temp\CR_AB62.tmp\setup.exe Pfad des fehlerhaften
Moduls: F:\Windows\Temp\CR_AB62.tmp\setup.exe Berichtskennung: 584a1b5f-dc58-11df-a595-0018f35bb59f
Error - 20.10.2010 11:04:30 | Computer Name = Mudimu-PC | Source = Application Hang | ID = 1002
Description = Programm RealUpgrade.exe, Version 1.0.2.170 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 6ec Startzeit: 01cb70676a57ef22 Endzeit: 31 Anwendungspfad: F:\Program
Files\Real\RealUpgrade\RealUpgrade.exe Berichts-ID: 5310237d-dc5b-11df-bfab-0018f35bb59f
[ Media Center Events ]
Error - 12.10.2010 03:22:50 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 09:22:49 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 03:22:52 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 09:22:51 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 03:22:52 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 09:22:52 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 14:20:46 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:20:46 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 14:21:21 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:21:20 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 14:21:22 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:21:22 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 12.10.2010 14:21:28 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:21:23 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 13.10.2010 14:02:34 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:02:34 - Fehler beim Herstellen der Internetverbindung. 20:02:34
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2010 14:02:45 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 20:02:40 - Fehler beim Herstellen der Internetverbindung. 20:02:40
- Serververbindung konnte nicht hergestellt werden..
Error - 17.10.2010 04:27:41 | Computer Name = Mudimu-PC | Source = MCUpdate | ID = 0
Description = 10:27:32 - Fehler beim Herstellen der Internetverbindung. 10:27:32
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 14.09.2010 11:41:48 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = PNRPSvc | ID = 102
Description =
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = PNRPSvc | ID = 102
Description =
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 14.09.2010 13:28:13 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 14.09.2010 15:25:16 | Computer Name = Mudimu-PC | Source = PNRPSvc | ID = 102
Description =
Error - 14.09.2010 15:25:16 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 14.09.2010 15:25:16 | Computer Name = Mudimu-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
< End of report >
|
|
| Themen zu explorer.exe (TR/Spy.2614272.4) und wininit.exe (TR/Spy96256.33) bereiten Probleme |
| alert, andere, angemeldet, avira, befinden, brauche, dinge, einfach, explorer.exe, explorer.exe wininit.exe trojaner, facharbeit, hoffe, malware, problem, probleme, richtig, security, security alert, seite, tr/spy., troja, trojaner, virus, virus?, windows, windows security, windows security alert |
Linear-Darstellung
