Trojaner-Board - AVG secure search entfernen

Danke, Schrauber. Da alles nichts genutzt hat (nicht nur firefox, sondern auch IE und Chrome sind jetzt von Sapdo infiziert), logfile von OTL. Aus Verzweiflung habe ich vergessen, die Minimallösung anzukreuzen. :heulen:KäseOTL Logfile:

Code:

OTL logfile created on: 20.11.2013 00:48:18 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = D:\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1023,29 Mb Total Physical Memory | 254,62 Mb Available Physical Memory | 24,88% Memory free

2,40 Gb Paging File | 1,75 Gb Available in Paging File | 72,68% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 66,02 Gb Total Space | 37,21 Gb Free Space | 56,37% Space Free | Partition Type: FAT32

Drive D: | 43,88 Gb Total Space | 26,07 Gb Free Space | 59,42% Space Free | Partition Type: FAT32

 

Computer Name: BILLYRUBIN | User Name: Mama | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.11.20 00:47:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe

PRC - [2013.11.19 17:17:20 | 000,302,961 | ---- | M] () -- C:\Programme\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe

PRC - [2013.11.13 04:39:06 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe

PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe

PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe

PRC - [2013.10.08 07:48:24 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe

PRC - [2013.07.02 09:16:26 | 000,254,336 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe

PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe

PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2006.06.08 20:33:02 | 000,053,248 | ---- | M] (ASUSTeK Computer INC.) -- C:\Programme\Asus\ATK Media\DMedia.exe

PRC - [2005.11.29 03:51:04 | 000,099,872 | ---- | M] (Infineon Technologies AG) -- c:\Programme\Infineon\Security Platform Software\PSDsrvc.EXE

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2013.11.19 17:17:20 | 000,302,961 | ---- | M] () -- C:\Programme\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe

MOD - [2013.11.13 04:39:46 | 003,363,952 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll

MOD - [2013.10.22 07:20:36 | 000,099,096 | ---- | M] () -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\{b528c100-91cd-4501-8481-cb9f9d731223}\components\SmartbarFireFoxRemotePlugin_25.dll

MOD - [2013.09.03 15:54:02 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU

MOD - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe

 

 
 ========== Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2013.11.19 17:20:26 | 000,285,795 | ---- | M] () [Auto | Stopped] -- C:\Programme\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)

SRV - [2013.11.13 04:39:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2013.10.08 07:48:24 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2013.07.25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)

SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)

SRV - [2005.11.29 03:51:04 | 000,099,872 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- c:\Programme\Infineon\Security Platform Software\PSDsrvc.EXE -- (PersonalSecureDriveService)

SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wdcsam.sys -- (WDC_SAM)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys -- (SYMIDSCO)

DRV - File not found [File_System | On_Demand | Stopped] --  -- (StarOpen)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2013.10.02 18:30:36 | 005,560,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2013.10.02 18:30:28 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2013.10.02 18:30:26 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2013.10.01 09:53:00 | 000,030,504 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)

DRV - [2013.09.12 12:03:12 | 000,415,576 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2013.09.12 12:03:12 | 000,415,576 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTL8023xp)

DRV - [2013.06.05 18:07:24 | 000,036,832 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)

DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2013.03.14 22:17:44 | 000,015,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\amdkmafd.sys -- (amdkmafd)

DRV - [2012.06.24 17:58:44 | 000,724,096 | ---- | M] (BzeekLand LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bzeek.sys -- (w39n51)

DRV - [2010.11.04 15:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\MxEFUF32.sys -- (MxEFUF)

DRV - [2010.10.07 14:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)

DRV - [2009.10.26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)

DRV - [2009.09.15 03:36:18 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2009.09.07 09:00:28 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007.08.28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)

DRV - [2007.04.24 12:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt)

DRV - [2007.04.24 12:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)

DRV - [2007.04.24 12:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)

DRV - [2007.04.24 12:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)

DRV - [2007.04.24 12:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus)

DRV - [2006.08.08 23:15:14 | 001,116,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)

DRV - [2006.08.08 23:15:14 | 000,007,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)

DRV - [2006.08.02 01:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)

DRV - [2005.11.29 03:50:58 | 000,036,768 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\psd.sys -- (PersonalSecureDrive)

DRV - [2005.10.20 20:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)

DRV - [2005.04.14 22:00:00 | 000,273,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://do-search.com/web/?type=ds&ts=1384563289&from=tugs&uid=HitachiXHTS541612J9SA00_SB2D01E4G8KTXBG8KTXBX&q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://do-search.com/web/?type=ds&ts=1384563289&from=tugs&uid=HitachiXHTS541612J9SA00_SB2D01E4G8KTXBG8KTXBX&q={searchTerms}

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.de/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C B3 17 06 FD 6B CE 01  [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

IE - HKCU\..\SearchScopes,DefaultScope = 

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131030

FF - prefs.js..extensions.enabledAddons: %7Bb528c100-91cd-4501-8481-cb9f9d731223%7D:1.1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Programme\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

 

[2010.09.06 12:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Extensions

[2010.09.06 12:30:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010.09.06 12:31:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\o3ogumdb.default\extensions

[2011.09.25 01:52:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\o3ogumdb.default\extensions\plugin@yontoo(2).com

[2013.02.25 03:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions

[2013.11.02 14:49:48 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2013.11.16 01:45:24 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\{b528c100-91cd-4501-8481-cb9f9d731223}

[2013.02.25 03:12:02 | 000,151,038 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi

[2013.07.24 22:53:42 | 000,269,092 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi

[2013.10.17 23:40:36 | 000,915,554 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Mozilla\Firefox\Profiles\rbvxlcgz.default-1352073635531\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.11.20 00:36:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions

[2013.11.20 00:36:44 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

O1 HOSTS File: ([2013.11.19 17:20:46 | 000,113,896 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 mediaplayer.browserupdater.org # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 www.judgeporn.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 www.realgfporn.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 www.x3xtube.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 08sr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2010-fr.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2012-new.biz # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 212link.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 24h00business.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ad.adn360.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adeartss.eu # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adesoeasy.eu # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adm.soft365.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.aff.co # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.eorezo.com # hosts anti-adware / pups

O1 - Hosts: 127.0.0.1 ads.hooqy.com # hosts anti-adware / pups

O1 - Hosts: 1921 more lines...

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\Asus\ATK Media\DMedia.exe (ASUSTeK Computer INC.)

O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Programme\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()

O4 - HKLM..\Run: [MSC] c:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 10.45.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.225 83.169.184.161

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41CED0F9-0A35-44E1-AC1D-A2175492F8E6}: DhcpNameServer = 83.169.184.225 83.169.184.161

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: 

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.09.03 17:30:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]

O33 - MountPoints2\{2f7b4940-cb95-11e1-a442-0018de8e6662}\Shell - "" = AutoRun

O33 - MountPoints2\{2f7b4940-cb95-11e1-a442-0018de8e6662}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{2f7b4940-cb95-11e1-a442-0018de8e6662}\Shell\AutoRun\command - "" = F:\start.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.11.20 00:37:14 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2013.11.20 00:36:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox

[2013.11.20 00:24:29 | 000,283,184 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup Stub 25.0.1.exe

[2013.11.19 23:41:15 | 000,000,000 | ---D | C] -- C:\Programme\msn gaming zone

[2013.11.19 23:38:14 | 017,010,016 | ---- | C] (Microsoft Corporation) -- C:\Programme\IE8-WindowsXP-x86-DEU.exe

[2013.11.19 18:10:01 | 021,896,408 | ---- | C] (Microsoft Corporation) -- C:\Programme\Windows-KB890830-V5.6.exe

[2013.11.19 17:07:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Mama\Recent

[2013.11.19 00:30:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)

[2013.11.19 00:18:03 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys

[2013.11.19 00:17:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Desktop\mbar

[2013.11.17 23:56:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Google

[2013.11.17 23:51:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2013.11.17 23:51:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013.11.17 23:51:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2013.11.17 02:26:34 | 000,000,000 | ---D | C] -- C:\Programme\ESET

[2013.11.17 01:34:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner

[2013.11.17 01:34:38 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner

[2013.11.16 02:05:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Sun

[2013.11.16 01:46:57 | 000,000,000 | ---D | C] -- C:\Programme\Uninstaller

[2013.11.12 22:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2013.11.09 12:55:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Thunderbird

[2013.11.08 23:20:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Identities

[2013.11.08 22:57:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Temp

[2013.11.08 22:57:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Adobe

[2013.11.08 22:41:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Anwendungsdaten\Mozilla

[2013.11.03 02:35:01 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird

[2013.10.26 01:40:14 | 006,609,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\NETwLx32.sys

[2013.10.26 01:40:14 | 002,763,504 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETwLr32.dll

[2013.10.26 01:40:14 | 000,682,736 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\NETwLc32.dll

[2013.10.25 02:08:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA

[2013.10.24 22:52:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\Easeware

[2013.10.24 01:24:34 | 000,015,968 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdkmafd.sys

[2013.10.23 02:38:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\TuneUp Registry Editor

[2013.10.23 02:14:12 | 000,000,000 | ---D | C] -- D:\Downloads

[2013.10.23 02:03:05 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2013.10.23 02:02:47 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2013.10.23 02:02:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2013.10.23 02:02:46 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.11.20 00:53:56 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job

[2013.11.20 00:43:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.11.20 00:42:52 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat

[2013.11.20 00:37:18 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.11.20 00:24:32 | 000,283,184 | ---- | M] (Mozilla) -- C:\Programme\Firefox Setup Stub 25.0.1.exe

[2013.11.19 23:39:50 | 000,000,134 | ---- | M] () -- C:\Dokumente und Einstellungen\Mama\Desktop\Internet Explorer-Problembehebung.url

[2013.11.19 23:38:28 | 017,010,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\IE8-WindowsXP-x86-DEU.exe

[2013.11.19 23:33:06 | 000,520,176 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.11.19 23:33:06 | 000,475,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.11.19 23:33:06 | 000,102,720 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.11.19 23:33:06 | 000,077,314 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.11.19 23:32:10 | 000,001,943 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013.11.19 18:10:18 | 021,896,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows-KB890830-V5.6.exe

[2013.11.19 17:20:38 | 000,000,732 | ---- | M] () -- C:\Dokumente und Einstellungen\Mama\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk

[2013.11.19 11:21:30 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe

[2013.11.19 03:02:58 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

[2013.11.19 01:33:14 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.11.19 00:28:40 | 000,047,064 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys

[2013.11.17 23:52:00 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013.11.17 01:34:48 | 000,000,558 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk

[2013.11.08 23:02:00 | 000,002,670 | ---- | M] () -- D:\cc_20131108_230139.reg

[2013.11.08 23:01:06 | 000,519,678 | ---- | M] () -- C:\WINDOWS\System32\prfh0407.dat

[2013.11.08 23:01:06 | 000,102,426 | ---- | M] () -- C:\WINDOWS\System32\prfc0407.dat

[2013.11.08 22:12:54 | 083,705,178 | ---- | M] () -- D:\backup.reg

[2013.11.05 00:21:12 | 000,027,426 | ---- | M] () -- D:\ausgeschnitten.odt

[2013.11.04 00:37:22 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume D Task.job

[2013.11.04 00:37:18 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job

[2013.11.04 00:22:46 | 000,012,140 | ---- | M] () -- D:\Raum.odt

[2013.11.02 04:12:38 | 000,001,448 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Defraggler.lnk

[2013.11.02 02:17:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.10.28 01:37:36 | 000,012,271 | ---- | M] () -- D:\oldenburg fin.odt

[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.11.20 00:37:16 | 000,000,606 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

[2013.11.20 00:37:16 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.11.19 23:39:49 | 000,000,134 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\Desktop\Internet Explorer-Problembehebung.url

[2013.11.19 17:50:48 | 000,001,943 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2013.11.19 17:17:22 | 000,000,732 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\Desktop\Desinstaller_HOSTS_Anti-PUPs.lnk

[2013.11.19 03:11:39 | 000,000,358 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job

[2013.11.17 23:51:58 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2013.11.17 01:34:47 | 000,000,558 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk

[2013.11.08 23:01:55 | 000,002,670 | ---- | C] () -- D:\cc_20131108_230139.reg

[2013.11.08 22:56:52 | 000,519,678 | ---- | C] () -- C:\WINDOWS\System32\prfh0407.dat

[2013.11.08 22:56:51 | 000,102,426 | ---- | C] () -- C:\WINDOWS\System32\prfc0407.dat

[2013.11.08 22:11:55 | 083,705,178 | ---- | C] () -- D:\backup.reg

[2013.11.05 00:21:10 | 000,027,426 | ---- | C] () -- D:\ausgeschnitten.odt

[2013.11.04 00:22:44 | 000,012,140 | ---- | C] () -- D:\Raum.odt

[2013.11.02 02:17:23 | 000,148,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.10.28 01:37:33 | 000,012,271 | ---- | C] () -- D:\oldenburg fin.odt

[2013.10.20 00:08:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2013.10.14 00:10:48 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT

[2013.10.06 23:34:05 | 000,000,006 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\WBPU-TTL.DAT

[2013.10.06 23:34:04 | 000,000,096 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\WB.CFG

[2013.10.06 00:10:09 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data

[2013.07.09 00:54:15 | 000,002,494 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin

[2013.03.13 01:23:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat

[2012.11.06 00:55:58 | 000,017,136 | ---- | C] () -- C:\WINDOWS\System32\sasnative32.exe

[2012.10.03 23:45:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\jmejcbwv.dat

[2012.09.21 00:59:56 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat

[2012.08.08 16:12:54 | 000,000,313 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI

[2012.08.08 16:12:54 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI

[2012.08.08 16:12:54 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini

[2012.08.08 16:12:45 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL

[2012.08.08 16:12:45 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL

[2012.08.08 16:12:45 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL

[2012.08.08 16:12:44 | 000,008,975 | ---- | C] () -- C:\WINDOWS\HL-2030.INI

[2012.08.08 13:25:06 | 000,000,012 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\lpd2

[2012.07.31 11:55:45 | 000,000,075 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\verkleinerer.set

[2012.07.11 22:22:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini

[2012.02.16 16:18:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.01.06 23:44:06 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\ltp2

[2011.09.02 00:13:49 | 000,000,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\sys386ll.dat

[2011.09.02 00:02:58 | 000,000,010 | ---- | C] () -- C:\Dokumente und Einstellungen\Mama\Anwendungsdaten\hhxprot5

 
 ========== ZeroAccess Check ==========

 

[2013.09.18 00:20:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 22:28:08 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >

--- --- ---
OTL Logfile:

Code:

OTL Extras logfile created on: 20.11.2013 00:48:18 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = D:\Downloads

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1023,29 Mb Total Physical Memory | 254,62 Mb Available Physical Memory | 24,88% Memory free

2,40 Gb Paging File | 1,75 Gb Available in Paging File | 72,68% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 66,02 Gb Total Space | 37,21 Gb Free Space | 56,37% Space Free | Partition Type: FAT32

Drive D: | 43,88 Gb Total Space | 26,07 Gb Free Space | 59,42% Space Free | Partition Type: FAT32

 

Computer Name: BILLYRUBIN | User Name: Mama | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- Reg Error: Value error.

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 1

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0067D0DA-6EE3-48A0-BBAF-0DB18C916EDF}" = Brother HL-2030

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}" = OpenOffice 4.0.1

"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client

"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView

"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media

"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2

"{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1" = Aquamarin Haushaltsbuch 2.9.2 b

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{26A24AE4-039D-4CA4-87B4-2F83216045FF}" = Java(TM) 6 Update 45

"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45

"{2A8CF485-5A4D-4C7D-8ACF-4AB98914D529}" = Infineon TPM Professional Package

"{3193DDB1-8F15-43DA-85D5-4796BF645914}" = Steuer-Software 2013

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz

"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML

"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Deutsch

"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup

"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager

"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU

"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D3E2B714-EE85-44A7-80E9-BF0FF21E7F02}" = Kobold VR-Updater

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F19178B7-F232-4E97-8511-E4D37A339E9C}" = Steuer-Software 2012

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"7-Zip" = 7-Zip 9.20

"Anti-Twin 2013-01-19 01.28.42" = Anti-Twin (Installation 19.01.2013)

"CAL" = Canon Camera Access Library

"CameraWindowDC8" = Canon Utilities CameraWindow DC 8

"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher

"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon MOV Decoder" = Canon MOV Decoder

"Canon MOV Encoder" = Canon MOV Encoder

"CCleaner" = CCleaner

"Defraggler" = Defraggler

"DivX Setup" = DivX-Setup

"ESET Online Scanner" = ESET Online Scanner v3

"ie8" = Windows Internet Explorer 8

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"IrfanView" = IrfanView (remove only)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft Security Client" = Microsoft Security Essentials

"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile

"Microsoft.Net.Client.3.5.LangPack.deu" = Microsoft .NET Framework Client Profile Language Pack - DEU

"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX

"Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de)

"Mozilla Thunderbird 24.1.0 (x86 de)" = Mozilla Thunderbird 24.1.0 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MyCamera" = Canon Utilities MyCamera

"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin

"NVIDIA Drivers" = NVIDIA Drivers

"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5

"PDF4Free_is1" = PDF4Free 3.0

"PhotoStitch" = Canon Utilities PhotoStitch

"Picasa 3" = Picasa 3

"ProInst" = Intel(R) PROSet/Wireless Software

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"USB2.0 1.3M WebCam" = USB2.0 1.3M WebCam

"VLC media player" = VLC media player 2.1.0

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{4f943a49-36ba-46e8-a873-4da859ce4a92}" = snapdo

"Audio Converter Packages" = Audio Converter Packages

"DigitalSite" = Update for Audio Converter

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 19.11.2013 18:49:52 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.11.2013 18:49:52 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.11.2013 18:49:53 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.11.2013 18:49:53 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.11.2013 18:51:15 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.11.2013 18:51:15 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/503006091D97D4F5AE39F7CBE7927D7D652D3431.crt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.11.2013 19:22:53 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436.crt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.11.2013 19:22:53 | Computer Name = BILLYRUBIN | Source = crypt32 | ID = 131077

Description = Der automatische Aktualisierungsabruf des Drittanbieterstammzertifikats

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436.crt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.11.2013 19:44:01 | Computer Name = BILLYRUBIN | Source = IFXWlxEN | ID = 2687344

Description = Failed to create instance of IWlxEvent interface.

 

Error - 19.11.2013 19:44:47 | Computer Name = BILLYRUBIN | Source = SecurityCenter | ID = 1802

Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der

 WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.

 

[ System Events ]

Error - 19.11.2013 16:40:19 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 16:44:36 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C6A-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 16:45:48 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 17:42:57 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 18:40:04 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C6A-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 18:41:23 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 18:42:46 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C6A-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 18:44:06 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 19:42:42 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C6A-72CB-47BB-99DD-2317551491DE}

 

Error - 19.11.2013 19:44:01 | Computer Name = BILLYRUBIN | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "IFXSpMgtSrv"

 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:

{FBCD9C66-72CB-47BB-99DD-2317551491DE}

 

[ TuneUp Events ]

Error - 04.11.2012 16:34:56 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 22.02.2013 12:22:41 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 22.02.2013 12:22:41 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 22.02.2013 12:22:41 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 23.02.2013 11:03:11 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 23.02.2013 11:03:11 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 23.02.2013 11:03:11 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 24.02.2013 11:50:31 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 24.02.2013 11:50:31 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

Error - 24.02.2013 11:50:31 | Computer Name = BILLYRUBIN | Source = TuneUp.UtilitiesSvc | ID = 300

Description = 

 

 

< End of report >

--- --- ---