Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.07.2010, 10:49   #1
SichlMichl
 
Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? - Unglücklich

Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?



Hallo Helfer!

Ich habe auf meinem Laptop den o. g. Trojaner.

Ich habe schon ein bisschen rumgelesen und festgestellt, dass der auch schon andere Systeme angegriffen hat.

Aus diesem Thread(s) habe ich auch gelesen, welche Schritte zu einer Vorabanalyse (Dank an Larusso) durchgeführt werden sollen.

Hier sind die 4 Logfiles:

Malwarebytes:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4332

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.07.2010 21:57:49
mbam-log-2010-07-20 (21-57-49).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 125757
Laufzeit: 11 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9301f87-82ed-47f5-82ab-498ef4dcb0f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9301f87-82ed-47f5-82ab-498ef4dcb0f9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Standard\Desktop\.url (Malware.Trace) -> Quarantined and deleted successfully.
         
GMER:
Code:
ATTFilter
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-07-20 22:09:03
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOKUME~1\Standard\LOKALE~1\Temp\afaoapoc.sys


---- Kernel code sections - GMER 1.0.15 ----

?               bfuqimhh.sys                                                                                                                          Das System kann die angegebene Datei nicht finden. !
init            C:\WINDOWS\system32\drivers\ALCXSENS.SYS                                                                                              entry point in "init" section [0xBA5D1900]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\SOUNDMAN.EXE[296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\AGRSMMSG.exe[404] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                    [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                             [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\hkcmd.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\QuickTime\qttask.exe[1244] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                        [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                 [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                       [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                 [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Real\RealPlayer\RealPlay.exe[1372] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\PROGRA~1\LAUNCH~1\LManager.EXE[1416] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                        [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                              [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                              [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                              [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Arcade\PCMService.exe[1468] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW]                                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]                                   [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\Explorer.EXE[1564] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                          [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                 [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\igfxtray.exe[1712] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]            [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                  [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe[2140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                      [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                      [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                      [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]               [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                     [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                     [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                       [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\avmwlanstick\FRITZWLANMini.exe[2232] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]               [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]        [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]  [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe[2260] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]        [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]    [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe[2312] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]          [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                 [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\HP\HP Software Update\HPWuSchd2.exe[2360] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                   [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                   [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                    [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                            [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                                  [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW]                            [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\WINDOWS\system32\ctfmon.exe[2460] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW]                                  [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                                [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                 [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                               [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]                         [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                               [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\Messenger\msmsgs.exe[2492] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]                         [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!CreateProcessW]                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                          [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                          [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\shell32.dll [ADVAPI32.dll!CreateProcessAsUserW]                   [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                         [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\STIHL\Bildschirmschoner\TaskTray.exe[2548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                         [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]            [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]            [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]           [7C884205] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW]     [77E15600] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]           [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]             [7C884200] C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation)
IAT             C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe[2584] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA]     [77E15605] C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                              fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         

Alt 21.07.2010, 10:51   #2
SichlMichl
 
Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? - Standard

Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?



Und hier der Rest...

OTL - Extra:
Code:
ATTFilter
OTL Extras logfile created on: 20.07.2010 22:16:41 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\Standard\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
495,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 28,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 26,87 Gb Total Space | 2,48 Gb Free Space | 9,24% Space Free | Partition Type: FAT32
Drive D: | 9,01 Gb Total Space | 9,01 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ACER-9EC38315D8
Current User Name: Standard
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- File not found
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{09E4C6A0-AB81-4ADA-9163-DD7B724E0BB6}" = Janosch Vorschule
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{21E90952-11F1-4473-9D6C-2EE09BCB10C3}" = OpenOffice.org 2.0
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Arcade 3.0
"{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Internet Library
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = RAW Image Task 1.2
"{4C96958A-6562-4143-B820-FF4890D3B734}" = Camera Window DVC
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142070}" = Java 2 Runtime Environment, SE v1.4.2_07
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = MovieEdit Task
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Camera Window DS
"{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Camera Support Core Library
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-000000000001}" = Adobe Reader 6.0
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B991B020-2968-11D8-AF23-444553540000}_is1" = FreeMind
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Camera Window MC
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = 
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ERUNT_is1" = ERUNT 1.1j
"Home Photo Service Light" = Home Photo Service Light
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Canon Internet Library for ZoomBrowser EX
"InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{4C96958A-6562-4143-B820-FF4890D3B734}" = Canon Camera Window DVC for ZoomBrowser EX
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"InstallShield_{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Canon Camera Window DS for ZoomBrowser EX
"InstallShield_{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Canon Camera Support Core Library
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold 
"InstallShield_{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Canon Camera Window for ZoomBrowser EX
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = Ahead NeroMIX
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows CE Services" = Microsoft ActiveSync 3.8
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.03.2010 16:00:05 | Computer Name = ACER-9EC38315D8 | Source = Avira AntiVir | ID = 4118
Description = 
 
Error - 11.04.2010 15:29:48 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 11.04.2010 15:30:11 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 12.04.2010 06:36:10 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 12.04.2010 06:41:13 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.8.20071.816, fehlgeschlagenes
 Modul xpcom_core.dll, Version 1.8.20071.816, Fehleradresse 0x0003fc4e.
 
Error - 06.07.2010 03:35:44 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3814, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 06.07.2010 16:52:08 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul shlwapi.dll, Version 6.0.2900.5912, Fehleradresse 0x000592d7.
 
Error - 11.07.2010 15:35:25 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 18.07.2010 16:38:27 | Computer Name = ACER-9EC38315D8 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung pushinst.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul pushinst.exe, Version 0.0.0.0, Fehleradresse 0x00004091.
 
Error - 20.07.2010 15:13:10 | Computer Name = ACER-9EC38315D8 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Load.exe, Version 3.3.6.1, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 20.07.2010 15:24:23 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Planer" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 15:24:24 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Guard" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 15:24:24 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7034
Description = Dienst "T-Online WLAN Adapter Steuerungsdienst" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 20.07.2010 16:00:27 | Computer Name = ACER-9EC38315D8 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   IntelIde
 
 
< End of report >
         
OTL:
Code:
ATTFilter
OTL logfile created on: 20.07.2010 22:16:41 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\Standard\Desktop\MFTools
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
495,00 Mb Total Physical Memory | 138,00 Mb Available Physical Memory | 28,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 26,87 Gb Total Space | 2,48 Gb Free Space | 9,24% Space Free | Partition Type: FAT32
Drive D: | 9,01 Gb Total Space | 9,01 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ACER-9EC38315D8
Current User Name: Standard
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - [2010.07.20 21:17:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Standard\Desktop\MFTools\OTL.exe
PRC - [2008.10.31 19:52:24 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008.10.31 19:52:14 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008.07.21 20:48:46 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.10.04 22:00:08 | 000,647,220 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe
PRC - [2006.10.04 21:51:16 | 000,442,433 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MWLaMaS.exe
PRC - [2006.10.04 21:36:26 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
PRC - [2006.06.23 11:24:12 | 000,343,552 | ---- | M] (AVM Berlin GmbH) -- C:\Programme\avmwlanstick\FRITZWLanMini.exe
PRC - [2006.02.24 17:28:22 | 002,478,080 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.bin
PRC - [2006.02.24 17:28:20 | 002,334,720 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.exe
PRC - [2005.01.15 12:24:18 | 000,032,881 | ---- | M] () -- C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe
PRC - [2005.01.04 12:27:00 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.11.19 14:05:40 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\realplay.exe
PRC - [2004.10.01 16:46:02 | 000,262,144 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.EXE
PRC - [2004.08.27 16:50:06 | 000,081,920 | ---- | M] (CyberLink Corp.) -- C:\Programme\Arcade\PCMService.exe
PRC - [2004.07.27 17:01:36 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003.02.26 12:22:12 | 000,318,976 | ---- | M] (silkmoth plc) -- C:\STIHL\Bildschirmschoner\TaskTray.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.07.20 21:17:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Standard\Desktop\MFTools\OTL.exe
MOD - [2010.07.15 21:56:00 | 000,046,592 | ---- | M] () -- C:\WINDOWS\system32\rdsacont.dll
MOD - [2008.04.14 04:22:14 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008.04.14 04:22:12 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.27 16:42:36 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\Shared Files\CLRCEngine.dll
MOD - [2004.08.04 05:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
SRV - [2008.10.31 19:52:24 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008.10.31 19:52:14 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006.10.04 21:36:26 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2009.05.31 20:25:22 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009.05.31 20:25:14 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008.04.13 20:53:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006.10.04 09:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2006.04.06 01:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2004.11.19 14:05:44 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2004.10.07 16:47:40 | 000,006,912 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2004.09.20 17:37:24 | 000,010,363 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2004.09.02 17:27:00 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2004.08.09 14:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.07 18:51:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004.08.02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.07.22 14:50:16 | 001,268,234 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004.07.19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2004.06.16 11:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004.06.01 11:50:50 | 000,004,054 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2004.03.29 17:23:42 | 000,140,288 | ---- | M] (Inprocomm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i2220ntx.sys -- (IPN2220)
DRV - [2004.02.24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.12.05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.10.08 11:11:26 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wA301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
DRV - [2003.09.14 15:27:50 | 000,018,838 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.16 21:11:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2007.01.20 16:19:50 | 000,000,000 | ---D | M]
 
[2009.02.21 22:09:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Extensions
[2007.01.20 16:20:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Mozilla\Firefox\Profiles\jao6wyku.default\extensions
[2010.04.16 21:11:06 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [EPM-DM] C:\Acer\ePM\EPM-DM.exe File not found
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Programme\Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_07\bin\jusched.exe ()
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKCU..\Run: ['STIHL Bildschirmschoner'  ] c:\STIHL\Bildschirmschoner\TaskTray.exe (silkmoth plc)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\Standard\Startmenü\Programme\Autostart\OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Programme\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.07 16:31:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{2efdcbf0-ce4d-11db-bc62-00023f0eb916}\Shell - "" = AutoRun
O33 - MountPoints2\{2efdcbf0-ce4d-11db-bc62-00023f0eb916}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2efdcbf0-ce4d-11db-bc62-00023f0eb916}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: gdipm12 - (C:\WINDOWS\system32\rdsacont.dll) - C:\WINDOWS\system32\rdsacont.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (15776209447157760)
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.07.20 21:43:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.07.20 21:42:42 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2010.07.20 21:23:29 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.07.20 21:22:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Malwarebytes
[2010.07.20 21:22:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.20 21:22:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.07.20 21:22:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.20 21:22:01 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.07.20 21:14:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Desktop\MFTools
[2010.07.08 22:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Eigene Dateien\Downloads
[2010.07.06 22:44:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Standard\Desktop\DarkShot
 
========== Files - Modified Within 90 Days ==========
 
[2010.07.20 22:12:52 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.20 22:12:12 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.20 22:12:08 | 519,622,656 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.20 22:12:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.20 22:11:14 | 004,980,736 | -H-- | M] () -- C:\Dokumente und Einstellungen\Standard\NTUSER.DAT
[2010.07.20 22:11:14 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Standard\ntuser.ini
[2010.07.20 21:42:44 | 000,000,499 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Desktop\NTREGOPT.lnk
[2010.07.20 21:42:44 | 000,000,480 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Desktop\ERUNT.lnk
[2010.07.20 21:22:14 | 000,000,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.20 21:14:42 | 000,284,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Gmer.zip
[2010.07.20 21:12:08 | 000,410,680 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Load.exe
[2010.07.15 21:56:00 | 000,046,592 | ---- | M] () -- C:\WINDOWS\System32\rdsacont.dll
[2010.07.07 22:36:32 | 000,799,059 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Eigene Dateien\einladung  b.odt
[2010.06.14 15:18:50 | 000,173,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.13 21:49:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.27 22:01:18 | 000,036,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.05.05 19:20:14 | 000,010,387 | ---- | M] () -- C:\Dokumente und Einstellungen\Standard\Eigene Dateien\Elternkasse.ods
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2010.07.20 22:02:35 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\gmer.exe
[2010.07.20 21:42:42 | 000,000,499 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\NTREGOPT.lnk
[2010.07.20 21:42:42 | 000,000,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\ERUNT.lnk
[2010.07.20 21:22:13 | 000,000,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.20 21:14:35 | 000,284,915 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Gmer.zip
[2010.07.20 21:11:58 | 000,410,680 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Desktop\Load.exe
[2010.07.15 21:55:58 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\rdsacont.dll
[2010.07.06 23:00:29 | 000,799,059 | ---- | C] () -- C:\Dokumente und Einstellungen\Standard\Eigene Dateien\einladung  b.odt
[2007.10.17 09:55:15 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007.02.08 18:46:24 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2007.02.08 18:46:08 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2007.02.08 18:46:07 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2007.02.08 18:46:07 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2006.12.29 13:07:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006.08.31 21:39:19 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2006.07.28 16:20:14 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2006.07.28 16:20:14 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2006.02.12 19:52:10 | 000,000,093 | ---- | C] () -- C:\WINDOWS\'STIHL Bildschirmschoner'.ini
[2006.02.12 19:52:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2006.01.31 21:25:23 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006.01.31 20:50:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.01.08 23:22:35 | 000,004,500 | ---- | C] () -- C:\WINDOWS\System32\FILTRCOI.DLL
[2004.10.07 17:48:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.10.07 16:50:44 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2004.10.07 16:50:43 | 000,000,336 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2004.10.07 16:47:39 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll
[2004.10.07 16:47:07 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2004.10.07 16:47:07 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2004.10.07 16:41:33 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004.10.07 16:41:31 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2004.10.07 16:36:43 | 000,037,684 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.10.07 16:27:19 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001.07.07 03:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1980.01.01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980.01.01 00:00:00 | 000,000,095 | ---- | C] () -- C:\WINDOWS\ALAUNCH.INI
 
========== LOP Check ==========
 
[2004.11.19 14:06:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2005.02.10 04:52:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OLYMPUS
[2007.02.08 18:45:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2007.05.20 19:56:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2007.02.08 18:46:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\T-Online
[2007.10.17 10:07:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\Image Zone Express
[2010.04.16 20:38:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Standard\Anwendungsdaten\MSNInstaller
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.* >
[2004.10.07 16:07:22 | 000,000,067 | RHS- | M] () -- C:\PRELOAD.AAA
[2010.07.20 22:12:06 | 780,140,544 | -HS- | M] () -- C:\pagefile.sys
[2008.12.10 19:44:42 | 000,000,000 | -H-- | M] () -- C:\BOOTLOG.TXT
[2004.10.07 16:10:46 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2004.08.04 05:00:00 | 000,004,952 | RHS- | M] () -- C:\bootfont.bin
[2008.10.11 21:05:48 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2004.08.04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2005.01.08 23:19:40 | 000,000,194 | RHS- | M] () -- C:\BOOT.INI
[2004.10.07 16:31:32 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2004.10.07 16:31:32 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2004.10.07 16:31:32 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2004.10.07 16:31:32 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004.11.19 14:06:10 | 000,000,783 | -H-- | M] () -- C:\IPH.PH
[2010.07.20 22:12:08 | 519,622,656 | -HS- | M] () -- C:\hiberfil.sys
[2009.06.22 13:37:00 | 000,000,000 | ---- | M] () -- C:\Log.txt
[2005.01.08 23:20:34 | 000,000,090 | ---- | M] () -- C:\setup.log
[2010.04.17 21:49:06 | 000,000,161 | ---- | M] () -- C:\TO_InstallLog.txt
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2004.10.07 16:21:16 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2004.10.07 16:21:16 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.10.07 16:21:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
 
< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
 
< %systemroot%\system32\user32.dll /md5 >
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2008.04.14 04:22:32 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=6A35E2D6F5F052C84EC2CEB296389439 -- C:\WINDOWS\system32\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2008.04.14 04:22:32 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C7D8A0517CBF16B84F657DE87EBE9D4B -- C:\WINDOWS\system32\ws2help.dll
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-07-15 19:34:41
< End of report >
         
Ich wäre euch wirklich dankbar, wenn ihr mir helfen könntet, das System wieder zu säubern...

Viele Grüße,
Michl
__________________


Alt 21.07.2010, 16:37   #3
SichlMichl
 
Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? - Standard

Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?



Nochmal nach vorne...
__________________

Alt 22.07.2010, 13:26   #4
SichlMichl
 
Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? - Standard

Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?



ich komme echt nicht weiter...

Kann mir wirklich niemand helfen??? *verzweifelt schau*

Antwort

Themen zu Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?
.dll, antivir, avg, bildschirmschoner, browser, dateien, desktop, einstellungen, entfernen, explorer, explorer.exe, festgestellt, helper, jusched.exe, launch, logfiles, messenger, microsoft, programme, realplay.exe, realplayer, shell32.dll, software, sp3, stick, temp, windows, windows xp



Ähnliche Themen: Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?


  1. Ads By Browse Plus entfernen
    Anleitungen, FAQs & Links - 21.09.2015 (2)
  2. Browse for the Cause entfernen
    Anleitungen, FAQs & Links - 24.08.2015 (2)
  3. Ads By Browse Beyond entfernen
    Anleitungen, FAQs & Links - 16.08.2015 (2)
  4. Browse Pax Deals entfernen
    Anleitungen, FAQs & Links - 24.03.2014 (2)
  5. Mega Browse entfernen
    Anleitungen, FAQs & Links - 27.01.2014 (2)
  6. Browse-Search.com entfernen
    Anleitungen, FAQs & Links - 18.01.2014 (2)
  7. c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (23)
  8. c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält Fehler
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (11)
  9. Wie kann ich "Browse To Save" entfernen?
    Log-Analyse und Auswertung - 14.05.2013 (11)
  10. browse to safe (slideup) entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (22)
  11. "click to continue" oder "browse to save" entfernen
    Log-Analyse und Auswertung - 02.04.2013 (21)
  12. Ads by Browse to Save
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (21)
  13. Ads by Browse to Save - Virus? Wie Entfernen?
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (13)
  14. "click to continue" oder "browse to save" entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (2)
  15. TR/Spy.Browse.A
    Plagegeister aller Art und deren Bekämpfung - 29.07.2010 (18)
  16. C:\WINDOWS\system32\ChCfhelp.dll - TR/Spy.Browse.A
    Plagegeister aller Art und deren Bekämpfung - 23.07.2010 (15)
  17. TR/Spy.Browse.A gefunden
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (1)

Zum Thema Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? - Hallo Helfer! Ich habe auf meinem Laptop den o. g. Trojaner. Ich habe schon ein bisschen rumgelesen und festgestellt, dass der auch schon andere Systeme angegriffen hat. Aus diesem Thread(s) - Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen?...
Archiv
Du betrachtest: Wie TR/Spy.Browse.A auf Windows XP SP3 entfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.