habe mir den oben genannten Plagegeist eingefangen und werde ihn nicht mehr los, schon alles moegliche ausprobiert.(Hijackthis,Spybot S&D,Kaspersky, A natuerlich bei den Antivirusprog neuinstalliert, also nie 2 Antivirenprog auf einmal gehabt.
Leider hab ich kein Internet mehr, auch nicht im abgesichertem Modus. Komischerweise funktionieren aber noch die Minianwendungen von Windows 7. (Waehrungskurs, Wetter) Updates fuer Avast nicht moeglich.
Es gab ein User der dieses Problem schon einmal hatte, allerdings komme ich damit nicht weiter.
Ergebnis von Virustotal:
/file/98a24f0caf5b578e230e6f1103a5fba6aecb28a9128cad5520fcde546d643272/analysis//
Ich hoffe, ihr koennt mir weiter helfen!!!
Viele Gruesse, Peter
DDS (Ver_.01) - NTFSAMD64
Internet Explorer: 8.0.
BrowserJavaVersion: 1.6.0_26
Run by xyz at 2:36:34 on
Microsoft Windows 7 Professional
6.1.2.49.4.2605 [GMT 4:00]
AV: avast! Antivirus *Enabled/Updated* {2B2DB-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search && Destroy *Disabled/Outdated* {1EAF1D03--EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Users\xyz~1\AppData\Local\Temp\5aiEDC7.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
============== Pseudo HJT Report ===============
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uURLSearchHooks: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad--fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {-b461-4bc5-46192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
BHO: Spybot-S&D IE Protection: {f74-2d53-2484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {aee5c-4ed4-8f7b-f1f} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc85b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-5d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
TB: Adobe PDF: {c5--0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4A-4066-A1AD-} - No File
TB: VShareToolBar: {7ac3e13b-3bca--f66dbb03c1b5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [SandboxieControl] &C:\Program Files\Sandboxie\SbieCtrl.exe&
uRun: [Adobe Acrobat Synchronizer] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe&
uRun: [Skype] &C:\Program Files (x86)\Skype\Phone\Skype.exe& /nosplash /minimized
uRun: [ManyCam] &C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe& /silent
uRun: [YI9B2F0F6EXHXF9HT] C:\systemhost\24FC2AE3130.exe
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Acrobat Assistant 8.0] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe&
mRun: [APSDaemon] &C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe&
mRun: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
mRun: [avast] &C:\Program Files\AVAST Software\Avast\avastUI.exe& /nogui
mRun: [SDTray] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe&
mRun: [Spybot-S&D Cleaning] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe& /autoclean
dRun: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: An OneNote s&enden - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anh?ngen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: ?bersetzen mit ABBYY Lingvo x&3 - C:\Program Files (x86)\ABBYY Lingvo x3\Lingvo.exe/3000
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
IE: {50-4f3c-EE0C6C49} - {48E7-C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC} - {898EA8C8-E7FF-479B-8935-AEC} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {F74-2D53-2484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-26-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2F-4FB0-9522-AC9BF37916A7} - hxxp:///NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{14B49A7C-51EB-46CC-70749} : NameServer = 132.195.113.109,132.195.20.3
TCP: Interfaces\{3033541A-FF72--A2ACA9CB5CEC} : DhcpNameServer = 10.142.1.222
TCP: Interfaces\{3033541A-FF72--A2ACA9CB5CEC}\ : DhcpNameServer = 10.142.1.222
Filter: text/xml - {--A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {5-4E58-B298-A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
mASetup: 6de2ed6f-0b56-4d57-b0f0-551ec8cbb27f - C:\ProgramData\Duden\dkreg.exe /dktray=on /csapi=on /ALLUSERS
{18DF081C-E8AD--FA578C2EBDC3}
{-B461-4BC5-46192CA}
{40c3cc16--0fb06f}
{F74-2D53-2484F}
{C5-4D22-B7F9-0BBC1D38A37E}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{AE7CD045-E861-484f-EE161910}
{AEE5C-4ED4-8F7B-F1F}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC85b-BC74-9C25C1C588A9}
{F4971EE7-DAA0-5D8EE6A077}
{855F3B16-6D32-4FE6-8A56-BBB}
{32099AAC-C132-A-4E364A424E17}
{40c3cc16--0fb06f}
{C5--0819E2EAAC93}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {D4A-4066-A1AD-} - No File
{7AC3E13B-3BCA--F66DBB03C1B5}
EB-X64: {855F3B16-6D32-4FE6-8A56-BBB} - No File
mRun-x64: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Acrobat Assistant 8.0] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe&
mRun-x64: [APSDaemon] &C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe&
mRun-x64: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
mRun-x64: [avast] &C:\Program Files\AVAST Software\Avast\avastUI.exe& /nogui
mRun-x64: [SDTray] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe&
mRun-x64: [Spybot-S&D Cleaning] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe& /autoclean
IE-X64: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
IE-X64: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-CD}: Groove GFS Stub Execution Hook
================= FIREFOX ===================
FF - ProfilePath - C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\
FF - prefs.js: browser.search.selectedEngine - ??? 1/2 ???u????
FF - prefs.js: browser.startup.homepage - hxxp:///?f=1&a=ddrnw
FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?clid=1769047&text=
FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{40c3cc16--0fb06f}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE}\platform\WINNT\components\FoxyTunes.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\\components\DTToolbarFF.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: C:\Users\xyz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\xyz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
---- FIREFOX POLICIES ----
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp:///?f=1&a=ddrnw
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp:///?f=2&a=ddrnw
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp:///results.php?f=3&a=ddrnw&q=
FF - user.js: extensions.funmoods_i.id - e89cdbbc001fe1c1f5f2
FF - user.js: extensions.funmoods_i.instlDay - 15374
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.162:21:35
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - ddrnw
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
============= SERVICES / DRIVERS ===============
R?2 SDUpdateSSpybot-S&D 2 Updating SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [ 1185704]
R1 aswSaswSC:\Windows\system32\drivers\aswSnx.sys --& C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --& C:\Windows\system32\drivers\aswSP.sys [?]
R1Virtual WiFi Filter DC:\Windows\system32\DRIVERS\vwififlt.sys --& C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;ABBYY Lingvo x3 Lizenz-SC:\Program Files (x86)\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [ 808224]
R2 AMD External Events UAMD External Events UC:\Windows\system32\atiesrxx.exe --& C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBaswFsBC:\Windows\system32\drivers\aswFsBlk.sys --& C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFaswMonF\??\C:\Windows\system32\drivers\aswMonFlt.sys --& C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Aavast! AC:\Program Files\AVAST Software\Avast\AvastSvc.exe [ 44768]
R2 ICQ SICQ SC:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [ 246520]
R2 NAUNero UC:\Program Files (x86)\Nero\Update\NASvc.exe [ 573224]
R2 SDWSCSSpybot-S&D 2 Security Center SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [ 166528]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --& C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [ 2280312]
R2 TuneUp.UtilitiesSTuneUp Utilities SC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [ 2027840]
R3 ManyCManyCam Virtual Webcam, WDM Video Capture DC:\Windows\system32\DRIVERS\ManyCam_x64.sys --& C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 SbieDSbieDC:\Program Files\Sandboxie\SbieDrv.sys [ 148072]
R3 TuneUpUtilitiesDTuneUpUtilitiesDC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [ 11856]
R3Microsoft Virtual WiFi Miniport SC:\Windows\system32\DRIVERS\vwifimp.sys --& C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [ 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [ 138576]
S2Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [ 136176]
S2 SDScannerSSpybot-S&D 2 Scanner SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [ 1181104]
S2&C:\Program Files (x86)\simlock remote client\fah\fah.exe& -svcstart -d &C:\Program Files (x86)\simlock remote client\fah& --& C:\Program Files (x86)\simlock remote client\fah\fah.exe [?]
S3Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [ 136176]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --& C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
S3ZTE Mass Storage Filter DC:\Windows\system32\drivers\massfilter.sys --& C:\Windows\system32\drivers\massfilter.sys [?]
S3 Microsoft SharePoint Workspace Audit SMicrosoft SharePoint Workspace Audit SC:\Program Files\Microsoft Office\Office14\GROOVE.EXE [ ]
S3 ose64;Office 64 Source EC:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [ 174440]
S3Office Software Protection PC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [ 4925184]
S3 StorSSC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [ 20992]
S3 TsUsbFTsUsbFC:\Windows\system32\drivers\tsusbflt.sys --& C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB DC:\Windows\system32\Drivers\usbaapl64.sys --& C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSWindows-AktivierunC:\Windows\system32\Wat\WatAdminSvc.exe --& C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 Application UApplication UC:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [ 748440]
=============== Created Last 30 ================
23:02:02 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
07:38:42 3145728 ----a-w- C:\Windows\System32\win32k.sys
07:38:29 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
07:38:07 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
07:38:07 634880 ----a-w- C:\Windows\System32\msvcrt.dll
07:39:48 -------- d-----w- C:\Users\xyz\AppData\Local\Apps
07:32:51 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D91E4C6-BBAB-449B-B8E2-FDC2}\mpengine.dll
13:00:11 -------- d-----w- C:\Windows\rescache
21:40:34 -------- d-----w- C:\antivirprog
15:12:08 -------- d-----w- C:\Windows\System32\SPReview
06:16:16 -------- d-----w- C:\Windows\System32\EventProviders
21:05:20 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
08:20:54 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
08:20:41 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
08:19:43 41184 ----a-w- C:\Windows\avastSS.scr
08:19:35 -------- d-----w- C:\ProgramData\AVAST Software
08:19:35 -------- d-----w- C:\Program Files\AVAST Software
23:44:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
23:41:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
10:05:20 -------- d-----w- C:\Users\xyz\AppData\Roaming\kFv3DjpT2zpne1z
10:05:20 -------- d-----w- C:\kFv3DjpT2zpne1z
14:39:45 -------- d-----w- C:\Users\xyz\.phase-6
14:29:09 -------- d-----w- C:\ProgramData\Phase6
14:29:02 -------- d-----w- C:\Program Files (x86)\phase-6
23:02:08 -------- d-----w- C:\Program Files (x86)\GNU
23:02:02 -------- d-----w- C:\Program Files (x86)\CoreAAC
23:01:46 -------- d-----w- C:\ProgramData\GRETECH
22:34:57 -------- d-----w- C:\jdl2
22:21:35 -------- d-----w- C:\Program Files (x86)\Funmoods
22:19:45 -------- d-----w- C:\Program Files (x86)\JDownloader2
18:21:12 -------- d-----w- C:\ProgramData\Grammatica
18:20:26 -------- d-----w- C:\Program Files (x86)\Grammatica
07:57:25 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
07:57:25 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
07:57:25 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
07:57:25 45016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
20:29:13 -------- d-----w- C:\Program Files (x86)\Defcon
----a-w- C:\gns-defc.bin
==================== Find3M
====================
20:27:05 175616 ----a-w- C:\Windows\System32\msclmd.dll
20:27:05 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
20:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
============= FINISH:
2:39:04,89 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_.01)
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 12.06.:13
System Uptime: 17.02.:27 (0 hours ago)
Motherboard: Dell Inc. |
Processor: Intel(R) Core(TM)2 Duo CPU
@ 2.10GHz | Microprocessor | mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 223 GiB total, 1,407 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 1,341 GiB free.
E: is FIXED (NTFS) - 10 GiB total, 0,747 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_&REV_12\4&2CB1F2EC&0&0AF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_&REV_12\4&2CB1F2EC&0&0AF0
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_&REV_12\4&2CB1F2EC&0&0CF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_&REV_12\4&2CB1F2EC&0&0CF0
Class GUID: {4d36e972-e325-11ce-bfc1-0}
Description: Broadcom NetLink (TM)-Gigabit-Ethernet
Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_&REV_10\4&28BE5
Manufacturer: Broadcom
Name: Broadcom NetLink (TM)-Gigabit-Ethernet
PNP Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_&REV_10\4&28BE5
Service: k57nd60a
Class GUID:
Description:
Device ID: ACPI\ITEE
Manufacturer:
PNP Device ID: ACPI\ITEE
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_&REV_12\4&2CB1F2EC&0&0BF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_&REV_12\4&2CB1F2EC&0&0BF0
Class GUID:
Description: Fingerprint Sensor
Device ID: USB\VID_08FF&PID_DAF38B&0&2
Manufacturer:
Name: Fingerprint Sensor
PNP Device ID: USB\VID_08FF&PID_DAF38B&0&2
==== System Restore Points ===================
RP360: 16.02.:11 - Windows Update
==== Installed Programs ======================
ABBYY Lingvo x3
Adobe Acrobat X Pro - English, Fran?ais, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3 - Deutsch
Apple Application Support
Apple Software Update
Ask Toolbar Updater
avast! Free Antivirus
Back4WinXP
BitTorrent
Business English Wortschatztrainer 5.0
Combined Community Codec Pack
DAEMON Tools Toolbar
DeepBurner Pro v1.9.0.228
Defcon v1.5 de rtl
DivX-Setup
Duden-Rechtschreibprüfung PLUS
EasyBits GO
Facebook Video Calling 1.1.1.1
FoxyTunes for Firefox
Funmoods on IE and Chrome
Goldman Sachs Rohstoff Radar Screen Saver
GOM PICKER
GOM Player
GOM Video Converter
Google Chrome
Google Earth Plug-in
Google Update Helper
Grammatica
IBM SPSS Statistics 19
ICQ Toolbar
in mind pro
Java Auto Updater
Java(TM) 6 Update 26
JDownloader 0.9
KaloMa 4.92
Langenscheidt Vokabeltrainer 6.0 Englisch
LECTURNITY Player
ManyCam 2.6.65 (remove only)
Mein Gutscheincode Finder 1.0.0.0
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - x86 9.0.
Miranda IM 0.8.25
MobiOne 1.3.2
Mobipocket Reader 6.2
Mozilla Firefox 10.0 (x86 de)
Mozilla Thunderbird 10.0 (x86 de)
MPEG2 Codec(libmpeg2/mad)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Opera 11.50
PDFCreator
pdfforge Toolbar v4.9
phase-6 2.1.1.1a
PowerArchiver 2010
PunkBuster Services
Quake Live Mozilla Plugin
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Rosetta Stone Version 3
Samsung ML-2010 Series
Samsung ML-2010 Series SmartPanel
Scrabble Deluxe
Security Task Manager 1.8d
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skat-Online V8
Skype Click to Call
Skype? 5.5
SpeedFan (remove only)
Spybot - Search & Destroy 2
Steamless Left4Dead2 Pack
TeamViewer 6
TuneUp Companion 2.2.7
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
Ubisoft Game Launcher
Ultralingua 7.1
USB-ì???ì <>
VC80CRTRedist - 8.0.
Veetle TV 0.9.18
VLC media player 1.0.5
Vokabeltrainer-Update 6.0.11
vShare.tv plugin 1.3
Winload Toolbar
ZehnFinger5 5.21
==== End Of File ===========================
Angeh?ngte Dateien
(9,4 KB, 55x aufgerufen)
Hi liebes Team,
ein kurzes update, ich hoffe es hilft weiter:
Ich habe ein versteckten Ordner mit dem Namen Systemhost gefunden in dem dateien mit komischen Namen drinn waren. Habe diesen geloescht(vorher gesichert) und seit dem habe ich die Datei &5aiEDC7.exe& oder ihre generierte Form nicht mehr im Windows temp Ordner.
Allerdings scheint etwas immer noch nicht zu funktionieren und es waren auch nicht der beschriebene Ordner zu finden, wie bei Nutzer &kaisa&.
Mein Internet funktioniert nach wie vor nicht, nur die Minianwendungen fuer das Wetter und Waehrungskurs, ich verstehe nicht warum? Soll ich das vielleicht in ein anderes Unterforum posten?
Ich hoffe wirklich ihr koennt mir weiter helfen!!!
Anbei habe ich die neuen log gepostet, ich hoffe es hift!
Vielen Dank!!!
Viele Gruesse, Pete
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_.01)
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 12.06.:13
System Uptime: 19.02.:34 (0 hours ago)
Motherboard: Dell Inc. |
Processor: Intel(R) Core(TM)2 Duo CPU
@ 2.10GHz | Microprocessor | mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 223 GiB total, 16,35 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 1,341 GiB free.
E: is FIXED (NTFS) - 10 GiB total, 0,747 GiB free.
F: is CDROM ()
I: is Removable
==== Disabled Device Manager Items =============
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_&REV_12\4&2CB1F2EC&0&0AF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_&REV_12\4&2CB1F2EC&0&0AF0
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_&REV_12\4&2CB1F2EC&0&0CF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_&REV_12\4&2CB1F2EC&0&0CF0
Class GUID: {4d36e972-e325-11ce-bfc1-0}
Description: Broadcom NetLink (TM)-Gigabit-Ethernet
Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_&REV_10\4&28BE5
Manufacturer: Broadcom
Name: Broadcom NetLink (TM)-Gigabit-Ethernet
PNP Device ID: PCI\VEN_14E4&DEV_1698&SUBSYS_&REV_10\4&28BE5
Service: k57nd60a
Class GUID:
Description:
Device ID: ACPI\ITEE
Manufacturer:
PNP Device ID: ACPI\ITEE
Class GUID:
Description: Basissystemger?t
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_&REV_12\4&2CB1F2EC&0&0BF0
Manufacturer:
Name: Basissystemger?t
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_&REV_12\4&2CB1F2EC&0&0BF0
Class GUID:
Description: Fingerprint Sensor
Device ID: USB\VID_08FF&PID_DAF38B&0&2
Manufacturer:
Name: Fingerprint Sensor
PNP Device ID: USB\VID_08FF&PID_DAF38B&0&2
==== System Restore Points ===================
RP361: 17.02.:41 - ARO 2012 - Before Installation
RP362: 17.02.:28 - ARO 2012 - FIRST RUN
RP363: 17.02.:25 - ARO 2012 Fri, Feb 17, 12
RP364: 17.02.:16 - ARO 2012- Before One Click
RP365: 17.02.:35 - Removed Grammatica
RP366: 17.02.:29 - ARO 2012 Fri, Feb 17, 12
==== Installed Programs ======================
ABBYY Lingvo x3
Adobe Acrobat X Pro - English, Fran?ais, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3 - Deutsch
Apple Application Support
Apple Software Update
Ask Toolbar Updater
avast! Free Antivirus
Back4WinXP
BitTorrent
Business English Wortschatztrainer 5.0
Combined Community Codec Pack
DAEMON Tools Toolbar
DeepBurner Pro v1.9.0.228
Defcon v1.5 de rtl
DivX-Setup
Duden-Rechtschreibprüfung PLUS
EasyBits GO
Facebook Video Calling 1.1.1.1
FoxyTunes for Firefox
Funmoods on IE and Chrome
Goldman Sachs Rohstoff Radar Screen Saver
GOM PICKER
GOM Player
GOM Video Converter
Google Chrome
Google Earth Plug-in
Google Update Helper
IBM SPSS Statistics 19
ICQ Toolbar
in mind pro
Java Auto Updater
Java(TM) 6 Update 26
JDownloader 0.9
KaloMa 4.92
Langenscheidt Vokabeltrainer 6.0 Englisch
LECTURNITY Player
ManyCam 2.6.65 (remove only)
Mein Gutscheincode Finder 1.0.0.0
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.
Microsoft Visual C++ 2008 Redistributable - x86 9.0.
Miranda IM 0.8.25
MobiOne 1.3.2
Mobipocket Reader 6.2
Mozilla Firefox 10.0 (x86 de)
Mozilla Thunderbird 10.0 (x86 de)
MPEG2 Codec(libmpeg2/mad)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Opera 11.50
PDFCreator
pdfforge Toolbar v4.9
phase-6 2.1.1.1a
PowerArchiver 2010
PunkBuster Services
Quake Live Mozilla Plugin
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Rosetta Stone Version 3
Samsung ML-2010 Series
Samsung ML-2010 Series SmartPanel
Scrabble Deluxe
Security Task Manager 1.8d
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skat-Online V8
Skype Click to Call
Skype? 5.5
SpeedFan (remove only)
Spybot - Search & Destroy 2
Steamless Left4Dead2 Pack
TeamViewer 6
TuneUp Companion 2.2.7
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
Ubisoft Game Launcher
USB-ì???ì <>
VC80CRTRedist - 8.0.
Veetle TV 0.9.18
VLC media player 1.0.5
Vokabeltrainer-Update 6.0.11
vShare.tv plugin 1.3
Winload Toolbar
ZehnFinger5 5.21
==== End Of File ===========================
DDS (Ver_.01) - NTFSAMD64
Internet Explorer: 8.0.
BrowserJavaVersion: 1.6.0_26
Run by xyz at 12:44:44 on
Microsoft Windows 7 Professional
6.1.2.49.4.2725 [GMT 4:00]
AV: avast! Antivirus *Disabled/Updated* {2B2DB-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search && Destroy *Disabled/Outdated* {1EAF1D03--EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uURLSearchHooks: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
mURLSearchHooks: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad--fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {-b461-4bc5-46192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
BHO: Spybot-S&D IE Protection: {f74-2d53-2484f} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {aee5c-4ed4-8f7b-f1f} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc85b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-5d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: Winload Toolbar: {40c3cc16--0fb06f} - C:\Program Files (x86)\Winload\tbWin0.dll
TB: Adobe PDF: {c5--0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4A-4066-A1AD-} - No File
TB: VShareToolBar: {7ac3e13b-3bca--f66dbb03c1b5} -
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [SandboxieControl] &C:\Program Files\Sandboxie\SbieCtrl.exe&
uRun: [Adobe Acrobat Synchronizer] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe&
uRun: [Skype] &C:\Program Files (x86)\Skype\Phone\Skype.exe& /nosplash /minimized
uRun: [ManyCam] &C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe& /silent
uRun: [AROReminder] C:\Program Files (x86)\ARO 2012\ARO.exe -rem
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Acrobat Assistant 8.0] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe&
mRun: [APSDaemon] &C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe&
mRun: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
mRun: [avast] &C:\Program Files\AVAST Software\Avast\avastUI.exe& /nogui
mRun: [SDTray] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe&
mRun: [Spybot-S&D Cleaning] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe& /autoclean
dRun: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: An OneNote s&enden - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anh?ngen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: ?bersetzen mit ABBYY Lingvo x&3 - C:\Program Files (x86)\ABBYY Lingvo x3\Lingvo.exe/3000
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
IE: {50-4f3c-EE0C6C49} - {48E7-C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC} - {898EA8C8-E7FF-479B-8935-AEC} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {F74-2D53-2484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-26-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp:///update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2F-4FB0-9522-AC9BF37916A7} - hxxp:///NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{14B49A7C-51EB-46CC-70749} : NameServer = 132.195.113.109,132.195.20.3
TCP: Interfaces\{3033541A-FF72--A2ACA9CB5CEC} : DhcpNameServer = 10.142.1.222
TCP: Interfaces\{3033541A-FF72--A2ACA9CB5CEC}\ : DhcpNameServer = 10.142.1.222
Filter: text/xml - {--A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {5-4E58-B298-A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
mASetup: 6de2ed6f-0b56-4d57-b0f0-551ec8cbb27f - C:\ProgramData\Duden\dkreg.exe /dktray=on /csapi=on /ALLUSERS
{18DF081C-E8AD--FA578C2EBDC3}
{-B461-4BC5-46192CA}
{40c3cc16--0fb06f}
{F74-2D53-2484F}
{C5-4D22-B7F9-0BBC1D38A37E}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{AE7CD045-E861-484f-EE161910}
{AEE5C-4ED4-8F7B-F1F}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC85b-BC74-9C25C1C588A9}
{F4971EE7-DAA0-5D8EE6A077}
{855F3B16-6D32-4FE6-8A56-BBB}
{32099AAC-C132-A-4E364A424E17}
{40c3cc16--0fb06f}
{C5--0819E2EAAC93}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
TB-X64: {D4A-4066-A1AD-} - No File
{7AC3E13B-3BCA--F66DBB03C1B5}
EB-X64: {855F3B16-6D32-4FE6-8A56-BBB} - No File
mRun-x64: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Acrobat Assistant 8.0] &C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe&
mRun-x64: [APSDaemon] &C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe&
mRun-x64: [autodetect] C:\Windows\SysWOW64\SupportAppXL\AutoDect.exe
mRun-x64: [avast] &C:\Program Files\AVAST Software\Avast\avastUI.exe& /nogui
mRun-x64: [SDTray] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe&
mRun-x64: [Spybot-S&D Cleaning] &C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe& /autoclean
IE-X64: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
IE-X64: {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files (x86)\PlotSoft\PDFill\DownloadPDF.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-CD}: Groove GFS Stub Execution Hook
================= FIREFOX ===================
FF - ProfilePath - C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\
FF - prefs.js: browser.search.selectedEngine - ??? 1/2 ???u????
FF - prefs.js: browser.startup.homepage - hxxp:///?f=1&a=ddrnw
FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?clid=1769047&text=
FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{40c3cc16--0fb06f}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE}\platform\WINNT\components\FoxyTunes.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\\components\DTToolbarFF.dll
FF - component: C:\Users\xyz\AppData\Roaming\Mozilla\Firefox\Profiles\sjs8wq95.default\extensions\\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: C:\Users\xyz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\xyz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
---- FIREFOX POLICIES ----
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp:///?f=1&a=ddrnw
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp:///?f=2&a=ddrnw
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp:///results.php?f=3&a=ddrnw&q=
FF - user.js: extensions.funmoods_i.id - e89cdbbc001fe1c1f5f2
FF - user.js: extensions.funmoods_i.instlDay - 15374
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.162:21:35
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - ddrnw
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
============= SERVICES / DRIVERS ===============
R1 aswSaswSC:\Windows\system32\drivers\aswSnx.sys --& C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --& C:\Windows\system32\drivers\aswSP.sys [?]
R1Virtual WiFi Filter DC:\Windows\system32\DRIVERS\vwififlt.sys --& C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 ABBYY.Licensing.Lingvo.Desktop.14.0;ABBYY Lingvo x3 Lizenz-SC:\Program Files (x86)\Common Files\ABBYY\Lingvo\14.0\Licensing\NetworkLicenseServer.exe [ 808224]
R2 AMD External Events UAMD External Events UC:\Windows\system32\atiesrxx.exe --& C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBaswFsBC:\Windows\system32\drivers\aswFsBlk.sys --& C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFaswMonF\??\C:\Windows\system32\drivers\aswMonFlt.sys --& C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Aavast! AC:\Program Files\AVAST Software\Avast\AvastSvc.exe [ 44768]
R2 ICQ SICQ SC:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [ 246520]
R2 NAUNero UC:\Program Files (x86)\Nero\Update\NASvc.exe [ 573224]
R2 SDUpdateSSpybot-S&D 2 Updating SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [ 1185704]
R2 SDWSCSSpybot-S&D 2 Security Center SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [ 166528]
R2 SSPORT;SSPORT;\??\C:\Windows\system32\Drivers\SSPORT.sys --& C:\Windows\system32\Drivers\SSPORT.sys [?]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [ 2280312]
R2 TuneUp.UtilitiesSTuneUp Utilities SC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [ 2027840]
R3 ManyCManyCam Virtual Webcam, WDM Video Capture DC:\Windows\system32\DRIVERS\ManyCam_x64.sys --& C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 SbieDSbieDC:\Program Files\Sandboxie\SbieDrv.sys [ 148072]
R3 TuneUpUtilitiesDTuneUpUtilitiesDC:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [ 11856]
R3Microsoft Virtual WiFi Miniport SC:\Windows\system32\DRIVERS\vwifimp.sys --& C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [ 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [ 138576]
S2Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [ 136176]
S2 SDScannerSSpybot-S&D 2 Scanner SC:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [ 1181104]
S3Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [ 136176]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --& C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
S3ZTE Mass Storage Filter DC:\Windows\system32\drivers\massfilter.sys --& C:\Windows\system32\drivers\massfilter.sys [?]
S3 Microsoft SharePoint Workspace Audit SMicrosoft SharePoint Workspace Audit SC:\Program Files\Microsoft Office\Office14\GROOVE.EXE [ ]
S3 ose64;Office 64 Source EC:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [ 174440]
S3Office Software Protection PC:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [ 4925184]
S3 StorSSC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [ 20992]
S3 TsUsbFTsUsbFC:\Windows\system32\drivers\tsusbflt.sys --& C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB DC:\Windows\system32\Drivers\usbaapl64.sys --& C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSWindows-AktivierunC:\Windows\system32\Wat\WatAdminSvc.exe --& C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 Application UApplication UC:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [ 748440]
=============== Created Last 30 ================
20:53:15 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E746E488-1251-4FAA-8D9C-2E907BFDE55F}\mpengine.dll
10:43:23 -------- d-----w- C:\Users\xyz\AppData\Roaming\Sammsoft
10:43:01 -------- d-----w- C:\Program Files (x86)\ARO 2012
23:02:02 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
07:38:42 3145728 ----a-w- C:\Windows\System32\win32k.sys
07:38:29 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
07:38:07 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
07:38:07 634880 ----a-w- C:\Windows\System32\msvcrt.dll
07:39:48 -------- d-----w- C:\Users\xyz\AppData\Local\Apps
13:00:11 -------- d-----w- C:\Windows\rescache
21:40:34 -------- d-----w- C:\antivirprog
15:12:08 -------- d-----w- C:\Windows\System32\SPReview
06:16:16 -------- d-----w- C:\Windows\System32\EventProviders
21:05:20 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
08:20:54 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
08:20:41 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
08:19:43 41184 ----a-w- C:\Windows\avastSS.scr
08:19:35 -------- d-----w- C:\ProgramData\AVAST Software
08:19:35 -------- d-----w- C:\Program Files\AVAST Software
23:44:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
23:41:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
10:05:20 -------- d-----w- C:\Users\xyz\AppData\Roaming\kFv3DjpT2zpne1z
10:05:20 -------- d-----w- C:\kFv3DjpT2zpne1z
14:39:45 -------- d-----w- C:\Users\xyz\.phase-6
14:29:09 -------- d-----w- C:\ProgramData\Phase6
14:29:02 -------- d-----w- C:\Program Files (x86)\phase-6
23:02:08 -------- d-----w- C:\Program Files (x86)\GNU
23:02:02 -------- d-----w- C:\Program Files (x86)\CoreAAC
23:01:46 -------- d-----w- C:\ProgramData\GRETECH
22:34:57 -------- d-----w- C:\jdl2
22:21:35 -------- d-----w- C:\Program Files (x86)\Funmoods
22:19:45 -------- d-----w- C:\Program Files (x86)\JDownloader2
18:20:26 -------- d-----w- C:\Program Files (x86)\Grammatica
07:57:25 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
07:57:25 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
07:57:25 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
07:57:25 45016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
==================== Find3M
====================
20:27:05 175616 ----a-w- C:\Windows\System32\msclmd.dll
20:27:05 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
20:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
08:47:38 1188864 ----a-w- C:\Windows\System32\wininet.dll
07:54:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
06:44:38 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
06:09:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
============= FINISH: 12:45:45,48 ===============
Angeh?ngte Dateien
(9,3 KB, 50x aufgerufen)
__________________
Log-Analyse und Auswertung - 18.10.2015 (13)
Plagegeister aller Art und deren Bek?mpfung - 30.09.2013 (39)
Plagegeister aller Art und deren Bek?mpfung - 23.02.2013 (3)
Plagegeister aller Art und deren Bek?mpfung - 07.11.2012 (12)
Log-Analyse und Auswertung - 17.10.2012 (4)
Plagegeister aller Art und deren Bek?mpfung - 20.09.2012 (5)
Plagegeister aller Art und deren Bek?mpfung - 10.08.2012 (15)
Plagegeister aller Art und deren Bek?mpfung - 30.07.2012 (5)
Log-Analyse und Auswertung - 15.06.2012 (12)
Plagegeister aller Art und deren Bek?mpfung - 05.06.2012 (21)
Plagegeister aller Art und deren Bek?mpfung - 26.03.2012 (1)
Log-Analyse und Auswertung - 06.05.2011 (23)
Log-Analyse und Auswertung - 21.04.2011 (3)
Plagegeister aller Art und deren Bek?mpfung - 31.12.2010 (4)
Plagegeister aller Art und deren Bek?mpfung - 06.07.2010 (2)
Plagegeister aller Art und deren Bek?mpfung - 11.05.2010 (10)
Plagegeister aller Art und deren Bek?mpfung - 29.11.2009 (8)
Zum Thema Win32.GenericFF C:\Users\xyz~1\AppData\Local\Temp\5aiEDC7.exe - Hallo,
habe mir den oben genannten Plagegeist eingefangen und werde ihn nicht mehr los, schon alles moegliche ausprobiert.(Hijackthis,Spybot S&D,Kaspersky, A natuerlich bei den Antivirusprog neuinstalliert, also nie 2 Antivirenprog auf
- Win32.GenericFF C:\Users\xyz~1\AppData\Local\Temp\5aiEDC7.exe...
Du betrachtest: Win32.GenericFF C:\Users\xyz~1\AppData\Local\Temp\5aiEDC7.exe auf Trojaner-Board Search Engine Optimization by vBSEO &2011, Crawlability, Inc.