Pests of all kinds and how to fight them: redirect/jump in google (Windows 7)

#20
redirect/jump in google

Hello, everything worked.

GMER Logfile: Code:
GMER 1.0.15.15570 - hxxp://www.gmer.net
Rootkit scan 2011-03-26 10:57:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L120AVV207-0 rev.V24OA66A
Running: 45goo5l9.exe; Driver: C:\DOKUME~1\Besitzer\LOKALE~1\Temp\pwlcapob.sys

---- System - GMER 1.0.15 ----

SSDT F7CD3216 ZwCreateKey
SSDT F7CD320C ZwCreateThread
SSDT F7CD321B ZwDeleteKey
SSDT F7CD3225 ZwDeleteValueKey
SSDT spre.sys ZwEnumerateKey [0xF748EDA4]
SSDT spre.sys ZwEnumerateValueKey [0xF748F132]
SSDT F7CD322A ZwLoadKey
SSDT spre.sys ZwOpenKey [0xF74760C0]
SSDT F7CD31F8 ZwOpenProcess
SSDT F7CD31FD ZwOpenThread
SSDT spre.sys ZwQueryKey [0xF748F20A]
SSDT spre.sys ZwQueryValueKey [0xF748F08A]
SSDT F7CD3234 ZwReplaceKey
SSDT F7CD322F ZwRestoreKey
SSDT F7CD3220 ZwSetValueKey

INT 0x35 ? 85900BF8
INT 0x35 ? 85900BF8
INT 0x3A ? 85900BF8
INT 0x3E ? 85BE2BF8
INT 0x3F ? 85BE2BF8

---- Kernel code sections - GMER 1.0.15 ----

? spre.sys Das System kann die angegebene Datei nicht finden. !
.text USBPORT.SYS!DllUnload F6D9E8AC 5 Bytes JMP 859001D8
.text a25y8791.SYS F6CC0386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a25y8791.SYS F6CC03AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a25y8791.SYS F6CC03C4 3 Bytes [00, 80, 02]
.text a25y8791.SYS F6CC03C9 1 Byte [30]
.text a25y8791.SYS F6CC03C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 85B775E0 IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F74A1DDC] spre.sys IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F74A1E30] spre.sys IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7477042] spre.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F747713E] spre.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F74770C0] spre.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7477800] spre.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F74776D6] spre.sys IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 859002D8 IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7486B90] spre.sys IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlInitUnicodeString] 8800001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!swprintf] 001CBA86 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeSetEvent] C61AEB00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 001C8986 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 86C61200 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 00001C8B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmFreeMappingAddress] 96868801 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 8800001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 001CB286 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmUnmapIoSpace] 88968B00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 8900001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IofCompleteRequest] 001CA496 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlCompareUnicodeString] C6168B00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IofCallDriver] 001CC186 IAT 
\SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 428A0A00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] C286880C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoConnectInterrupt] 8B00001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoDetachDevice] 24A48DFA IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeWaitForSingleObject] 00000000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInitializeEvent] 4B8BDF8B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeCancelTimer] 8D3F0304 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] CB033043 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlInitAnsiString] 0673C13B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] C13B0003 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoQueueWorkItem] 8366FA72 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmMapIoSpace] 75000E7B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 0B7D80E3 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoReportDetectedDevice] 307B8D00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoReportResourceForDetection] 00AA840F IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 83660000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!NlsMbCodePageTag] 6A000E7A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!PoRequestPowerIrp] C6647400 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001CC386 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] 4F8B0200 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!sprintf] 968D5140 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 00001C98 IAT 
\SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ObfDereferenceObject] 22F6E852 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 478B0000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 50016A40 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ZwClose] 1CB48E8D IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E8510000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 000022E4 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 6A18538B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!PoStartNextPowerIrp] 868D5200 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoCreateDevice] 00001CA0 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 22D2E850 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 4B8B0000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 51016A18 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ZwOpenKey] 1CBC968D IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlFreeUnicodeString] E8520000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoStartTimer] 000022C0 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInitializeTimer] 8A05478A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoInitializeTimer] 001CC38E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInitializeDpc] 30C48300 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInitializeSpinLock] 1CC58688 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoInitializeIrp] 80E90000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ZwCreateKey] C6000000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 001CC386 IAT 
\SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 438B0100 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ZwSetValueKey] 8E8D5018 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeInsertQueueDpc] 00001C98 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 2292E851 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoStartPacket] 538B0000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 52016A18 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 1CB4868D IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoFreeMdl] E8500000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmUnlockPages] 00002280 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 8A05478A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 001CC38E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 18C48300 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 1CC58688 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeSynchronizeExecution] 43EB0000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoStartNextPacket] 320C538A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeBugCheckEx] 88F93BC0 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 001CC396 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeSetTimer] F6317300 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!_allmul] 74070647 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmProbeAndLockPages] 75C0841A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!_except_handler3] 05578A0B IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!PoSetPowerState] 968801B0 IAT 
\SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 00001CC5 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 57B60F66 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 533B6604 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!_aulldiv] 03087408 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!strstr] 72F93B3F IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!_strupr] 8A09EBDA IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeQuerySystemTime] 86880547 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 00001CC5 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!KeTickCount] 88084B8A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 001CC68E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoDeleteDevice] 40578B00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 8D52006A IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAllocateWorkItem] 001CC886 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAllocateIrp] 11E85000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoAllocateMdl] 8B000022 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CC08E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmLockPagableDataSection] C4968B00 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8900001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CCC8E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!ExFreePoolWithTag] D0968900 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoFreeIrp] 8B00001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!IoFreeWorkItem] 016A4047 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!InitSafeBootMode] 
D4C68150 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!RtlCompareMemory] 5600001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!PoCallDriver] 0021E7E8 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!memmove] 18C48300 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[ntoskrnl.exe!MmHighestUserAddress] 5D5B5E5F IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KeGetCurrentIrql] 9E880000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KfRaiseIrql] 00001CB1 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KfLowerIrql] 0E798366 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!HalGetInterruptVector] 74AAB000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!HalTranslateBusAddress] 8986C636 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!READ_PORT_USHORT] 001C9686 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2 IAT \SystemRoot\System32\Drivers\a25y8791.SYS[WMILIB.SYS!WmiSystemControl] 8800001C IAT \SystemRoot\System32\Drivers\a25y8791.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT 
\SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRequest] [F799E54E] 
PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F799E4FE] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F799E52C] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRequest] [F799E54E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F799E20E] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F799E256] PDDSLHND.sys (ProDyne DSL Handler/ProDyne) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 85BE11F8 
Device \FileSystem\Fastfat \FatCdrom 85766500 Device \Driver\usbuhci \Device\USBPDO-0 858C41F8 Device \Driver\usbuhci \Device\USBPDO-1 858C41F8 Device \Driver\usbuhci \Device\USBPDO-2 858C41F8 Device \Driver\usbehci \Device\USBPDO-3 859BE1F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 85B751F8 Device \Driver\Cdrom \Device\CdRom0 858AA1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F73D1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort0 [F73D1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort1 [F73D1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e [F73D1B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Cdrom \Device\CdRom1 858AA1F8 Device \Driver\sptd \Device\936210416 spre.sys Device \Driver\NetBT \Device\NetBt_Wins_Export 856271F8 Device \Driver\PCI_PNP9552 \Device\0000004c spre.sys Device \Driver\NetBT \Device\NetbiosSmb 856271F8 Device \Driver\usbuhci \Device\USBFDO-0 858C41F8 Device \Driver\usbuhci \Device\USBFDO-1 858C41F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 854C9500 Device \Driver\usbuhci \Device\USBFDO-2 858C41F8 Device \Driver\usbstor \Device\0000007b 853CE1F8 Device \Driver\usbstor \Device\0000007c 853CE1F8 Device \Driver\usbehci \Device\USBFDO-3 859BE1F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 854C9500 Device \Driver\usbstor \Device\0000007d 853CE1F8 Device \Driver\Ftdisk \Device\FtControl 85B751F8 Device \Driver\usbstor \Device\0000007e 853CE1F8 Device \Driver\usbstor \Device\0000007f 853CE1F8 Device \Driver\a25y8791 \Device\Scsi\a25y87911 858A21F8 Device \Driver\a25y8791 \Device\Scsi\a25y87911Port2Path0Target0Lun0 858A21F8 Device 
\FileSystem\Fastfat \Fat 85766500 AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \FileSystem\Cdfs \Cdfs 8579F500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF3 0xA7 0xE0 0x7B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xDA 0x7E 0xEC 0x44 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x94 0x0A 0x99 0x69 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF3 0xA7 0xE0 0x7B ... 
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xDA 0x7E 0xEC 0x44 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x94 0x0A 0x99 0x69 ...

---- EOF - GMER 1.0.15 ----

OSAM Logfile: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 08:15:36 on 26.03.2011

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.13

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"MP Scheduled Scan.job" - "Microsoft Corporation" - C:\Programme\Windows Defender\MpCmdRun.exe
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Inc."
- C:\Programme\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "a25y8791" (a25y8791) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\a25y8791.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "ASPI32" (ASPI32) - "Adaptec" - C:\WINDOWS\System32\drivers\aspi32.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "BUFFALO TurboUSB for HD Filter" (bfturboh) - "BUFFALO INC." - C:\WINDOWS\System32\drivers\bfturboh.sys "catchme" (catchme) - ? - C:\cofi.exe\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "DrvAgent32" (DrvAgent32) - "Phoenix Technologies" - C:\WINDOWS\system32\Drivers\DrvAgent32.sys "GEAR ASPI Filter Driver" (GEARAspiWDM) - ? - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (File not found) "Huawei DataCard USB Modem and USB Serial" (hwdatacard) - ? - C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys (File not found) "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "KORG USB-MIDI Driver for Windows XP" (KORGUMDS) - "KORG Inc." - C:\WINDOWS\System32\Drivers\KORGUMDS.SYS "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDDSLHND" (PDDSLHND) - "ProDyne" - C:\WINDOWS\system32\drivers\PDDSLHND.sys "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? 
- C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "ProDyne DSL Adapter" (PDDSLADP) - "ProDyne" - C:\WINDOWS\System32\DRIVERS\PDDSLADP.SYS "pwlcapob" (pwlcapob) - ? - C:\DOKUME~1\Besitzer\LOKALE~1\Temp\pwlcapob.sys (Hidden registry entry, rootkit activity | File not found) "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS "SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS "Sony Ericsson Device 068 driver (WDM)" (se44bus) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44bus.sys "Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS)" (se44nd5) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44nd5.sys "Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM)" (se44unic) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44unic.sys "Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM)" (se44mgmt) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44mgmt.sys "Sony Ericsson Device 068 USB WMC Modem Driver" (se44mdm) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44mdm.sys "Sony Ericsson Device 068 USB WMC Modem Filter" (se44mdfl) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44mdfl.sys "Sony Ericsson Device 068 USB WMC OBEX Interface" (se44obex) - "MCCI" - C:\WINDOWS\System32\DRIVERS\se44obex.sys "sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "SynasUSB" (SynasUSB) - "SIA Syncrosoft" - C:\WINDOWS\System32\drivers\SynasUSB.sys "VIA AGP Filter" (viaagp1) - ? - C:\WINDOWS\System32\DRIVERS\viaagp1.sys (File not found) "Vinyl AC'97 Audio Controller (WDM)" (VIAudio) - "VIA Technologies, Inc." 
- C:\WINDOWS\System32\drivers\vinyl97.sys "VSO Software pcouffin" (pcouffin) - "VSO Software" - C:\WINDOWS\System32\Drivers\pcouffin.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll {7D4D6379-F301-4311-BEBA-E26EB0561882} "{7D4D6379-F301-4311-BEBA-E26EB0561882}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." 
- C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} "Microsoft AntiMalware ShellExecuteHook" - "Microsoft Corporation" - C:\PROGRA~1\WIFD1F~1\MpShHook.dll
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - ? - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "ICQ Lite Shell Extension" - ? - (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? - (File not found | COM-object registry key not found)
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Programme\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler" - ? - (File not found | COM-object registry key not found)
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler" - ? - (File not found | COM-object registry key not found)
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Programme\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{738D66C6-0149-4D40-84E4-A7BB2D0CE949} "Sony Ericsson File Manager" - ? - (File not found | COM-object registry key not found)
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Programme\TuneUp Utilities 2009\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)
[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof0.dll
<binary data> "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found)
<binary data> "{A057A204-BACC-4D26-9990-79A187E2698E}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof0.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} "Yahoo! Toolbar" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx / hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{31435657-9980-0010-8000-00AA00389B71} "{31435657-9980-0010-8000-00AA00389B71}" - ? - (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
{33564D57-0000-0010-8000-00AA00389B71} "{33564D57-0000-0010-8000-00AA00389B71}" - ? - (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
{41564D57-9980-0010-8000-00AA00389B71} "{41564D57-9980-0010-8000-00AA00389B71}" - ? - (File not found | COM-object registry key not found) / hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof0.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine" - "Conduit Ltd." - C:\Programme\ConduitEngine\ConduitEngine.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof0.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" - ? - (File not found | COM-object registry key not found)
[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"Dit" - ? - Dit.exe (File found, but it contains no detailed information)
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Lexmark Print-2-Fax Port" - ? - C:\WINDOWS\system32\LXPRMON.DLL (File found, but it contains no detailed information)
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"AMService" (AMService) - ? - C:\WINDOWS\TEMP\qxhs\setup.exe run (File not found)
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"Canon Camera Access Library 8" (CCALib8) - "Canon Inc." - C:\Programme\Canon\CAL\CALMAIN.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"LVSrvLauncher" (LVSrvLauncher) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe
"NMSAccessU" (NMSAccessU) - ? - C:\Programme\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information)
"Sony Ericsson OMSI download service" (OMSI download service) - ? - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (File found, but it contains no detailed information)
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software" - C:\WINDOWS\System32\uxtuneup.dll
"TuneUp Drive Defrag-Dienst" (TuneUp.Defrag) - "TuneUp Software" - C:\WINDOWS\System32\TuneUpDefragService.exe
"TuneUp Program Statistics Service" (TuneUp.ProgramStatisticsSvc) - "TuneUp Software" - C:\WINDOWS\System32\TUProgSt.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Defender" (WinDefend) - "Microsoft Corporation" - C:\Programme\Windows Defender\MsMpEng.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
===[ Logfile end ]=========================================[ Logfile end ]===

MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000003bd
Kernel Drivers (total 127):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF7A89000 \WINDOWS\system32\KDCOM.DLL
0xF7999000 \WINDOWS\system32\BOOTVID.dll
0xF7475000 spre.sys
0xF7A8B000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF745D000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF742E000 ACPI.sys
0xF741D000 pci.sys
0xF7589000 isapnp.sys
0xF7A8D000 viaide.sys
0xF7809000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xF73FF000 pcmcia.sys
0xF7599000 MountMgr.sys
0xF73E0000 ftdisk.sys
0xF7811000 PartMgr.sys
0xF75A9000 VolSnap.sys
0xF73C8000 atapi.sys
0xF75B9000 disk.sys
0xF75C9000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF73A8000 fltmgr.sys
0xF7396000 sr.sys
0xF75D9000 PxHelp20.sys
0xF737F000 KSecDD.sys
0xF736C000 WudfPf.sys
0xF72DF000 Ntfs.sys
0xF72B2000 NDIS.sys
0xF75E9000 viaagp.sys
0xF7298000 Mup.sys
0xF799D000 PDDSLHND.sys
0xF7639000 \SystemRoot\System32\DRIVERS\amdk7.sys
0xF6E51000 \SystemRoot\system32\DRIVERS\s3gnbm.sys
0xF6E3D000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6DAA000 \SystemRoot\system32\DRIVERS\Intels51.sys
0xF78B1000 \SystemRoot\System32\Drivers\Modem.SYS
0xF78B9000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xF6D86000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xF78C1000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xF7669000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xF78C9000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xF78D1000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xF78D9000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF7679000 \SystemRoot\System32\DRIVERS\serial.sys
0xF7A85000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF6D72000 \SystemRoot\System32\DRIVERS\parport.sys
0xF7689000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF6D40000 \SystemRoot\system32\drivers\vinyl97.sys
0xF6D1C000 \SystemRoot\system32\drivers\portcls.sys
0xF76A9000 \SystemRoot\system32\drivers\drmk.sys
0xF6CF9000 \SystemRoot\system32\drivers\ks.sys
0xF6CC0000 \SystemRoot\System32\Drivers\a25y8791.SYS
0xF7CDD000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF7719000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xF7264000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF6C98000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF7729000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF7739000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xF7959000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF6C87000 \SystemRoot\System32\DRIVERS\psched.sys
0xF7749000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xF7961000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xF7969000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF7254000 \SystemRoot\system32\DRIVERS\PDDSLADP.SYS
0xF7759000 \SystemRoot\System32\DRIVERS\termdd.sys
0xF7971000 \SystemRoot\system32\DRIVERS\seehcri.sys
0xF7AD3000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF6C09000 \SystemRoot\System32\DRIVERS\update.sys
0xF7250000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xF7769000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF7779000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF6E7E000 \SystemRoot\system32\drivers\MODEMCSA.sys
0xF77A9000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xF7AE3000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xF7829000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xF7AE5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7C87000 \SystemRoot\System32\Drivers\Null.SYS
0xF7AE7000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7839000 \SystemRoot\System32\drivers\vga.sys
0xF7AE9000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7AEB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7841000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7849000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7A41000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xF4552000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xF44F9000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xF44D1000 \SystemRoot\System32\DRIVERS\netbt.sys
0xF7A45000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xF44AF000 \SystemRoot\System32\drivers\afd.sys
0xF77C9000 \SystemRoot\System32\DRIVERS\netbios.sys
0xF7851000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xF448D000 \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
0xF7859000 \??\C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
0xF4462000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xF43CA000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xF77E9000 \SystemRoot\System32\Drivers\Fips.SYS
0xF43A4000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xF77F9000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xF437E000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7869000 \SystemRoot\System32\DRIVERS\USBSTOR.SYS
0xF7AEF000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF7A65000 \SystemRoot\System32\DRIVERS\hidusb.sys
0xF7629000 \SystemRoot\System32\DRIVERS\HIDCLASS.SYS
0xF7871000 \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
0xF7A69000 \SystemRoot\System32\DRIVERS\mouhid.sys
0xF76D9000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF4366000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7B01000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF7268000 \SystemRoot\System32\drivers\Dxapi.sys
0xF7889000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7C90000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\s3gnb.dll
0xBF073000 \SystemRoot\System32\ATMFD.DLL
0xEFC11000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xEFBAD000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xEF88C000 \SystemRoot\system32\drivers\wdmaud.sys
0xEFA61000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7AF5000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xF7911000 \SystemRoot\System32\drivers\aspi32.sys
0xEF5DE000 \SystemRoot\System32\DRIVERS\srv.sys
0xEF255000 \SystemRoot\System32\Drivers\HTTP.sys
0xEF001000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xEEFBD000 \??\C:\DOKUME~1\Besitzer\LOKALE~1\Temp\pwlcapob.sys
0xEF1F5000 \SystemRoot\System32\DRIVERS\fetnd5.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
0x10000000 \Programme\DAEMON Tools Lite\Engine.dll
Processes (total 36):
0 System Idle Process
4 System
808 C:\WINDOWS\system32\smss.exe
932 csrss.exe
956 C:\WINDOWS\system32\winlogon.exe
1020 C:\WINDOWS\system32\services.exe
1032 C:\WINDOWS\system32\lsass.exe
1216 C:\WINDOWS\system32\svchost.exe
1312 svchost.exe
1420 C:\Programme\Windows Defender\MsMpEng.exe
1464 C:\WINDOWS\system32\svchost.exe
1504 C:\WINDOWS\system32\svchost.exe
1768 svchost.exe
1872 svchost.exe
2020 C:\WINDOWS\explorer.exe
232 C:\WINDOWS\system32\spoolsv.exe
320 C:\Programme\Avira\AntiVir Desktop\sched.exe
624 C:\WINDOWS\Dit.exe
688 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
1156 C:\WINDOWS\DitExp.exe
556 C:\Programme\Avira\AntiVir Desktop\avguard.exe
632 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
660 C:\Programme\Bonjour\mDNSResponder.exe
852 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
1300 C:\Programme\Java\jre6\bin\jqs.exe
1900 C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
184 C:\Programme\CDBurnerXP\NMSAccessU.exe
384 C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
492 C:\WINDOWS\system32\svchost.exe
476 C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
288 C:\WINDOWS\system32\TUProgSt.exe
720 C:\Programme\Canon\CAL\CALMAIN.exe
2604 alg.exe
3244 C:\Programme\Mozilla Firefox\firefox.exe
356 C:\WINDOWS\system32\clipbrd.exe
204 C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Downloads\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
PhysicalDrive0 Model Number: IC35L120AVV207-0, Rev: V24OA66A
Size Device Name MBR Status
--------------------------------------------
115 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
Done!

Edited by v. stadtfeld (26.03.2011 at 11:41)